A London-based IT analyst & hacker has demanded $175,000 in ransom after he filmed himself accessing Apple iCloud accounts and posted a video on YouTube.
The hacker has demanded $175,000 to be paid in Bitcoin else he would disclose details from almost 319 million users’ accounts when he had access to their accounts.
According to the reports, he initially demanded $75,000 worth of Bitcoin then upped the amount to $150,000 and $1,100 in iTunes gift cards in return for calling off his plan to sell the personal details of 319m Apple iCloud user.
Ankush Johar, Director at Infosec Ventures, “Apple’s iCloud getting into cyber security incidents is something which is not very uncommon just like any other widely used product but given that Apple doesn’t have an official Bug Bounty program, most of such hacks and bypasses come out in the open as Youtube videos and blogs putting the privacy of the users at risk.
Bug Bounty program is crowd sourcing of a defensive nature. This hunt for Zero-Days is offensive crowd sourcing of security vulnerabilities. Crowdsourced security is the ultimate solution for finding any possible security bug whether defensive or offensive, like in this case.”
He further added, “One of the biggest reasons all major organisations including Google, Facebook and even the US Department of Defence indulge in massive paid bounties to hackers that find bugs for them is to avoid such scenarios as even if one malicious hacker decides to hold on to a vulnerability, the chances that out of thousands of other ethical hackers, no one will find the same bug is very low.”