A court in the United Kingdom delivered a two year suspended jail sentence to a 22-year-old man who tried to blackmail Apple Inc by claiming that he possessed the codes to access millions of iCloud accounts of the company.
According to reports, the man, named Kerem Albayrak from north London, also threatened the iPhone maker of wiping away 319 million accounts while making a demand of iTunes gift cards worth $100,000 for keeping the data intact.
He later admitted trying to blackmail Apple.
But the fraud was caught in an investigation that found that none of the systems of Apple had been broken into by Albayrak.
In addition to the suspended sentence, the youth was also ordered to 300 hours of unpaid work.
The threat was first emailed to the security team of Apple by Albayrak in March 2017 in which he claimed that millions of iCloud accounts had been breached by him.
In order to prove his claims, he also posted a video which apparently showed that he had indeed breached two accounts.
He threatened that unless Apple paid his iTunes gift card demand he would sell all the breached account information, dump his database online and reset the accounts.
Albayrak also said he would accept $75,000 worth of crypto-currency, he however later increased the amount to $100,000.
After about two weeks after sending his threat, Albayrak was arrested by the police from his home in north London.
Even after extensive investigations of Albayrak’s claims, Apple could not find any shred of evidence that its systems had been breached.
Those email addresses and passwords from other services that had previously been exposed in earlier data breaches had been gathered by Albayrak, found an investigation by the National Crime Agency of the United Kingdom. The investigators said that Albayrak then tired out his luck to see whether anyone else had used the same username and password for their iCloud account.
This type of attack, known as credential stuffing, can be automated to speed up the process.
“When you have power on the internet it’s like fame and everyone respects you,” Albayrak told investigators.
A six month electronic curfew has also been given to him.
“Albayrak wrongly believed he could escape justice after hacking in to two accounts and attempting to blackmail a large multi-national corporation,” said Anna Smith, a senior investigative officer for the NCA.
(Adapted from BBC.com)