The group that claimed to have collected millions of iCloud and Apple account credentials and threatened to erase them in order to extort money from Apple reportedly received payment on Friday.
Around 4:50 p.m. EDT, the Turkish Crime Family—a collective of apparent hackers and data collectors— received a payment of just over 401.78 BTC, or about $482,000. The group had been threatening to remotely erase a database of iCloud accounts it had collected if it did not receive payment.
The origin of the payment is unclear, but given the company’s previous statements on the issue, it is unlikely the payment came from Apple. The transaction was believed to have been sent through a Bitcoin tumbler, which are designed to anonymize cryptocurrency transactions so they cannot be traced back to an individual.
Apple did not respond to a request for comment.
A member of the Turkish Crime Family operating the group’s Twitter account told International Business Times the group couldn’t provide any confirmation where the payment came from, but said, “either way somebody with 400k+ making these claims should not be taken as a joke.”
The group member said the Turkish Crime Family will “not attack Apple” as a result of the payment. “A deal is a deal,” the account proprietor said.
Security researcher Troy Hunt suggested on Twitter that the transaction was fake. Using a tumbler may be evidence of this, as it obscures the sender of the the funds, which Hunt intimated was the group itself attempting to save face.
The alleged payment came hours after the group’s initial deadline of 7:30 p.m. GMT (3:30 p.m. EDT), though the group claimed on Twitter to be in touch with a “negotiator” who was working on an agreement with Apple.
The group claimed to be in possession of an upward of 800 million Apple and iCloud credentials, which it gathered and assembled from a number of previous database leaks. A sample of the accounts indicated that at least some of them were valid, but it is impossible to say how many may have been affected had the threat been carried out.
Despite ending the iCloud attack—whether because the group received its requested ransom or because it never had the resources to carry out the attack in the first place—a member of the group promised that the Turkish Crime Family had future plans in the works.
The member said the group is still intending to launch an “unlocks service” which appears to be a service where users will be able to pay $10 to get a password associated with an Apple ID. “This is just the start of the group,” the person said.