Hacker avoids prison for 2017 iCloud blackmail attempt

Kerem Albayrak, 22 from North London, pleaded guilty to one count of blackmail to a Southwark Crown Court on December 2, and previously admitted to two related counts of "unauthorized acts with intent to impair the operation of or prevent/hinder access to a computer." In sentencing on Friday, the court gave Albayrak a two-year suspended jail term, along with an order to perform 300 hours of volunteer work and a six-month electronic curfew.

The attempted blackmail took place in March 2017, by a group called the "Turkish Crime Family." According to the UK National Crime Agency, which investigated the crime in collaboration with authorities in the US, Albayrak was the spokesperson for the hacker collective.

The group threatened Apple with the factory reset of 319 million user accounts on iCloud, as well as dumping collected databases online if the demand was not met. After contacting Apple Security with the initial threat and not receiving an adequate response within a week, he doubled the demand to $75,000 in cryptocurrency or one thousand $100 iTunes gift cards.

Albayrak also created a YouTube video where he accessed two seemingly random iCloud accounts as a form of proof, which was sent to Apple as well as media outlets. A small collection of UK-based iCloud accounts were also provided to media for verification.

Albayrak was arrested, and a search of seized devices confirmed his involvement in the group. In one conversation, the hacker bragged to the rest of the group that "the attack will happen 99.9%. Even if it doesn't, you're still going to get A LOT of media attention."

He went on to tell investigators of the need for fame. "When you have power on the Internet, it's like fame, and everyone respects you," Albayrak claimed. "Everyone is chasing that right now."

"Albayrak wrongly believed he could escape justice after hacking in to two accounts and attempting to blackmail a large multi-national corporation," said Anna Smith, a senior investigative officer for the NCA. "During the investigation it became clear that he was seeking fame and fortune. But cyber-crime doesn't pay."

At the time of the attempted blackmail, Apple said that its systems were not compromised, with the NCA investigation confirming there were no signs of a breach. Albayrak did have data that could be used in an attack, but it was collected from breaches of third-party services, and most of the accounts were inactive.

In emails sent from the Turkish Crime Family group to AppleInsider, the group claimed it had the capability to factory reset 150 accounts per minute, per script, that each server under its control could handle 17 scripts, and that there were 250 servers. Emails sent after the raid claimed Albayrak was innocent and that he "only provided" databases to the group.