A hacker or group of hackers is apparently trying to extort Apple over alleged access to a large cache of iCloud and other Apple email accounts. The hackers, who identified themselves as 'Turkish Crime Family', demanded $75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data.
"I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing," one of the hackers told. The hackers provided screenshots of alleged emails between the group and members of Apple's security team.Read more
Last week, experts demonstrated a piece of Android malware that can remotely turn on a smartphone's microphone, track the user's location, and intercept phone calls. When buying similar spyware for iPhones, attackers typically need to jailbreak the device first so they can then install unauthorized apps — a technical barrier that may take some time.
But companies do offer monitoring solutions for iPhones that apparently work on iOS 10 devices and don't require a jailbreak. Instead, they take advantage of another aspect of Apple products that some users may overlook — iCloud backups.Read more
If you think clearing your web browsing history on your iPhone or Mac is going to make your online habits permanently disappear, you'd be wrong. Very wrong. Apple is storing Safari histories in the iCloud going back more than a year, possibly much longer, even where the user has asked for them to be wiped from memory.
Elcomsoft chief Vladimir Katalov told the iPhone maker kept a separate iCloud record, titled "tombstone," in which deleted web visits were stored, ostensibly for syncing across devices. Katalov told me he came across the issue "by accident" when he was looking through the Safari history on his own iPhone.Read more
Apple has a hidden feature for you in its iPhones: call logs going back as far as four months are stored in near real-time in the iCloud. That’s the warning today from a Russian provider of iPhone hacking tools, Elcomsoft, which claimed the feature was automatic and there was no way to turn it off bar shutting down iCloud Drive altogether.
Whilst it was well-known that iCloud backups would store call logs, contacts and plenty of other valuable data, users should be concerned to learn that their communications records are consistently being sent to Apple servers without explicit permission, said Elcomsoft CEO Vladimir Katalov.Read more
Some shady tweaks that you installed on their jailbroken devices are looking to steal your iCloud login credentials. The iCloud account details, including email addresses and passwords, of nearly 220,000 users have been breached.
The security breach was a result of 'backdoor privacy attack' caused by the installation of a malicious jailbreak tweak. It appears that hackers are using a variety of built-in backdoors that could be numerous of malicious jailbreak tweaks in an effort to acquire victim's iCloud account information. Once installed, these malicious tweaks transferred the iCloud login details of the jailbreak users to an unknown remote server.Read more
A security expert demonstrated how to exploit a vulnerability in Apple IOS system to steal user password with a phishing email. A new vulnerability that affects Apple’s iOS could be exploited by hackers to collect user passwords by using a single email.
A security and forensic expert has developed a tool, the iOS 8.3 Mail.app inject kit, that could be used to create malicious iCloud password phishing emails. He explained that he exploits an unpatched bug affecting Apple iOS. The iOS 8.3 Mail.app inject kit exploits a vulnerability in the Apple operating system’s native email client that allows and attacker to display a realistic pop-up.Read more
A new patent filing describes using the cloud to transfer your Touch ID fingerprint data to other devices. Would such a system be safe and secure? Apple has envisioned a technology that would sync your Touch ID data with other mobile devices, as well as point-of-sale systems, via iCloud.
The sensor requires your fingerprint to access the device and to make purchases using the Apple Pay payments system. Setting up Touch ID is a matter of registering one or more fingerprints on your device. Why would Apple propose a cloud-based system for this process? How would this proposed syncing technology safeguard your Touch ID data?Read more
Chinese authorities are attacking users who are connecting to Apple's iCloud website in what appears to be a surveillance push to steal users' login credentials, according to a Chinese censorship monitoring group.
After the new iPhone 6 went on sale in China, connections to iCloud.com were hijacked and stripped of the usual encryption that prevents hackers and government spies from intercepting the username and password typed by someone connecting to the site. This is another example of what is technically known as a "man-in-the-middle" (MITM) attack. China has been accused of intercepting connections with a MITM attack against Github, Google, and, more recently, Yahoo.Read more
Apple said that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user information.
Not so long ago these news were marked by an internet-wide newsbreak: anonymous hackers somehow obtained explicit photos of various Hollywood celebrities, including many A-listers, like Jennifer Lawrence, and publicized this material on the Internet.
Such leaks are not new, however, this one was on a massive scale. From the very beginning there was an assumption that perhaps some photos were stolen directly from celebrities’ accounts in the Apple’s iCloud. Is this possible? If so, what can be done to avoid the theft? At this time, there is no hard evidence in this case. Apple and the FBI are currently investigating and we look forward to reading the results.Read more