Threat Management, Vulnerability Management

British hacker sentenced after bluffed Apple extortion plot evaporates

Nearly three years after attempting to extort either $100,000 in cryptocurrency or a thousand $100 iTunes gift cards from Apple, a British hacker was sentenced at Southwark Crown Court in London to a two-year suspended jail term, 300 hours of unpaid work and a six-month electronic curfew.

Kerem Albayrak, 22, of North London, told Apple in March 12, 2017 that he had a database of 319,000 iCloud and other Apple accounts that he would sell online if the computer company didn’t meet his demand, which initially was $75,000, reported the National Crime Agency (NCA), which along with U.S. law enforcement was alerted by Apple. 

A week later, Albayrak posted a YouTube video of himself compromising and factory-resetting two random iCloud accounts and sent the link to Apple security and media outlets. Two days later, Albayrak raised the ransom demand to $100,000.

On March 28, 2017, the NCA’s National Cyber Crime Unit arrested Albayrak at his home in north London and confiscated his phone, computers and hard drive. The NCA says Albayrak's phone records suggest he was the spokesperson for a hacker group calling itself “Turkish Crime Family.”

On Dec. 2, 2019, Albayrak pleaded guilty to one count of blackmail, adding to his previous admission of committing two unauthorized acts with intent to impair the operation of or prevent/hinder access to a computer.

The NCA investigation found that Albayrak did not possess data from active iCloud accounts, but rather from previously compromised, mostly inactive third-party services. Furthermore, Apple reported that it found no evidence that Albayrak had compromised its network.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.