Apple ID is the keystone of all services and apps running on Apple platforms. It is the most important credential to access iCloud, to purchase apps or music, to talk with friends or families by Messages/FaceTime, to remotely manage iPhone and Mac, to synchronize our mail, photo, calendar and documents among devices and cloud. Since its extreme importance, Apple ID has become one of the most favorite goods in the underground market!
In this topic, we will present several real world attacks to or based on Apple IDs, affecting a huge number of users globally. Some of them even led to arresting and judgement. We are going to present our observations and investigations on these questions: 1) how could attacker grab large amounts of Apple IDs? 2) how could them make profit from those stolen Apple accounts (there are many ways!)? 3) what Apple have done and could do in further to mitigate the issue? 4) how can we protect ourselves by existing solutions?