iCloud breach allegations
a guest Mar 23rd, 2017 15,117 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- Hello Humans,
- Apple has now announced that they were not breached which no one claimed they were other than some journalists who misunderstood the situation, they announced this for their user's comfort & to make them feel better about their selves as they're very insecure with their company.
- They have basically announced what we have told them which is that there was no breach, this has nothing to do with a breach.
- The whole "thing" not being a breach doesn't change any claims that were made by us, the entire DB was acquired and built from multiple DB's that we have been selling in the past 5 years as we decided to keep all our @icloud.com, @me.com & mac.com domains due to those domains not having a popular demand in the cracking community.
- More and more people started getting involved after all the press release world wide, these people have been providing us even more databases which we did not already have, this is bumping up the total number of active iCloud accounts we have to reset.
- We are still strengthening our infrastructure and acquiring more servers for the attack
- - We're still in contact with Apple.
- The total number of unhashed DB lines we currently hold with only Apple owned extensions are over 750 million, out of the 750 million we have 250 million that are checked and working live, there is still a big amount that we're still scanning.
- How did we get such a high hit % ratio on the lists which some of them are pretty old?
- Most of DB's that we've listed online have not included any of the extensions that we provided above due to not being enough demand.
- We later on capitalized the first letter of the entire databases passwords and rescanned them which gave us a ton more than what we actually had from the first scan as Apple requires its users to do so when registering with Apple ID, so we then decided to do the same thing but with the last letter of the passwords. This gave us even more
- A breach means nothing in 2017 when you can just pull the exact same user information in smaller scales through companies
- that aren't as secure
- We believe the number of active credentials we have will keep on growing until the day of attack which is 7 April 2017
- Our calculations:
- If everything goes to plan we'll have enough power to factory reset 150 accounts per minute per script, Our server strength can currently handle 17 scripts per server,
- - 150 x 17 = 2550 accounts factory reset per minute per server
- - 2550 x 250 servers = 637500 accounts per minute
- - 637500 x 60 minutes = 38250000 million accounts reset per hour
- (Also this sum of "$75,000" is very inaccurate and was given to apple by one of our media team which offered $75,000 per person which was later upped to $100,000 per person. There are 7 members in the group. We also requested additional stuff from Apple which we would prefer to keep it private)
- Turkish Crime Family
RAW Paste Data