INSUBCONTINENT EXCLUSIVE:
Image copyrightTheIndianSubcontinent/AppleImage caption
iCloud helps Apple customers back up their devices
A 22-year-old man has admitted trying to blackmail Apple by claiming he had access to millions of iCloud accounts.Kerem Albayrak from
found that Albayrak had not compromised Apple's systems.He has been given a two year suspended jail sentence and ordered to do 300 hours of
unpaid work.In March 2017, Albayrak emailed Apple's security team, claiming to have breached millions of iCloud accounts.He posted a video
on YouTube that appeared to show him breaking in to two accounts.He threatened to sell the account information, dump his database online and
reset the accounts, unless Apple paid his iTunes gift card demand.Albayrak also said he would accept $75,000 worth of crypto-currency, but
later increased this to $100,000.He was arrested at his home in north London about two weeks after sending his threat.Apple investigated his
claims but could not find evidence that its systems had been compromised.The UK's National Crime Agency found that Albayrak had gathered
email addresses and passwords from other services, which had previously been exposed in data breaches
He then tried his luck, seeing if anybody had used the same username and password for their iCloud account.This type of attack, known as
credential stuffing, can be automated to speed up the process.Albayrak told investigators: "When you have power on the internet it's like
fame and everyone respects you."In addition to the 300 hours of unpaid work, he has been given a six month electronic curfew."Albayrak
wrongly believed he could escape justice after hacking in to two accounts and attempting to blackmail a large multi-national corporation,"
said Anna Smith, a senior investigative officer for the NCA.
