He claimed to have gotten access to a great deal of iCloud account and other services Apple, and threatened to reset 319 million if the Cupertino company had not consented to satisfy its pecuniary requests.
However the adventure of Kerem Albayrak, self-styled hacker, did not end well, at least for him: just in these days he was sentenced to two years in prison with suspension of sentence, a 300 hours of socially useful jobs and a six months of "electronic curfew". After the case of the Italian multiservice IREN, of the hacker who stole access data to the PA databases and of hacked accounts on Facebook and Twitter, we return to talking about computer crimes; or, in this case, presumed such.
But let's take a step back: the story began in March 2017, when the then 22-year-old Albayrak, residing in London, had sent an email to Apple Security saying he got access to millions of Apple accounts and that if the company didn't pay him $ 75,000 in cryptocurrencies (or, alternatively, a thousand $ 100 iTunes gift cards), it would reset 319 million, then spread the databases online.
A week later, Albayrak had uploaded to YouTube a video in which he was seen accessing two apparently random iCloud accounts; after sending it to Apple Security and some newspapers, the hacker had raised the mail, asking $ 100,000 and threatening to reset all accounts to which he had access.
Apple had turned to British and U.S. law enforcement agencies, and the March 28, 2017 the agents of the National Crime Agency they had arrested Albayrak at his domicile London. From the seizure of his electronic devices it emerged that the young man was part of a group of hackers who called himself "Turkish Crime Family" to which he had assured the success of the operation and, if something had gone wrong, at least a good deal of "media attention".
And in fact it seems that the self-styled hacker was aiming only for fame, since investigations have highlighted how the Apple system had it not been in any way compromise; the data referred to by Albayrak came from previously compromised third-party services, and most were already Inactive. After pleading guilty to account violation and blackmail, the conviction is here.