The attacker threatened to publish the data of 319 million iCloud users.
A cybercriminal who tried to blackmail Apple in 2017 was sentenced to a prison term of 2 years.
On March 12, 2017, 22-year-old Kerem Albayrak from North London sent an email to Apple Security, claiming he has access to a huge archive of iCloud account information and other Apple services that he planned to sell using his “Internet friends.” The attacker demanded that Apple provide him with $ 75 thousand in cryptocurrency or $ 1000 in the form of iTunes gift cards in exchange for deleting the database. Albayrak threatened to reset 319 million iCloud accounts and publish databases on the Web if his requirements were not met.
A week later, Albayrak filmed a video of him accessing two iCloud accounts, and then posted the video on YouTube by sending a link to Apple’s security service and several media outlets. Two days later, the criminal demanded that $ 100 thousand was threatened to reset the settings of each iCloud account at his disposal.
Apple contacted law enforcement in the UK and the US, and the National Criminal Agency (NCA) led the investigation in the UK. On March 28, 2017, employees of the National Anti-Cybercrime Unit of the NCA arrested Albayrak in a place of residence in northern London. During the search, digital devices were seized, including a telephone, computers and a hard drive.
Investigators also found telephone records showing that Albayrak was a member of the Turkish Crime Family cybercriminal group.
Albayrak was sentenced to a prison term of 2 years and 300 hours of correctional labor.