Apple ‘hacker’ spared jail for blackmail iCloud

Apple 'hacker' spared jail for blackmail iCloud

Copyright to images
BBC / Apple

Image caption

iCloud helps Apple customers back up their devices

A 22-year-old man admitted trying to blackmail Apple by claiming he had access to millions of iCloud accounts.

Kerem Albayrak from North London threatened to delete 319 million accounts until Apple gave him $ 100,000 (£ 76,000) iTunes gift cards.

However, the investigation showed that Albayrak did not threaten Apple’s systems.

He was sentenced to two years’ imprisonment and was ordered for 300 hours of unpaid work.

In March 2017, Albayrak sent an email to Apple’s security team, claiming it violated millions of iCloud accounts.

He posted a video on YouTube that appears to have shown him split into two accounts.

He threatened to sell account information, drop his online database, and reset accounts until Apple paid for the iTunes gift card.

Albayrak also said he would accept a $ 75,000 cryptomenu, but later raised it to $ 100,000.

About two weeks after the threat was sent, he was arrested in his home in North London.


Apple examined his claims, but found no evidence that his systems were compromised.

The British National Crime Agency found that Albayrak had collected email addresses and passwords from other services that were previously exposed to data corruption.

He then tried his luck to see if anyone had used the same username and password for his iCloud account.

This type of attack, called filling credentials, can be automated to speed up the process.

Albayrak told investigators, “When you have power on the Internet, it’s like fame and everyone appreciates you.”

In addition to 300 hours of unpaid work, he received a six-month electronic order.

“Albayrak mistakenly believed he could escape justice when he stuck in two accounts and tried to blackmail a large multinational company,” said Anna Smith, head of NCA investigator.