On Tuesday, the UK’s National Crime Agency (NCA) arrested a young man on suspicion of hacking and extortion offenses, Motherboard has learned. The man has been bailed pending further enquiries, and the NCA will not elaborate further.
But according to someone who provided a copy of the alleged warrant to Motherboard, the arrest may be connected to the ongoing attempted extortion of Apple by a group calling itself the Turkish Crime Family.
“National Crime Agency officers arrested a 20 year-old male and searched an address in London, N10 on Tuesday 28 March in relation to suspected Computer Misuse Act and extortion offences,” an NCA spokesperson wrote in an email after being approached by Motherboard with a copy of the warrant.
Motherboard was alerted to the arrest by someone in control of the Turkish Crime Family email account. Last week, the group threatened to remotely wipe a number of Apple devices via alleged access to corresponding iCloud accounts unless the company paid a hefty ransom. The group has been capitalizing on a media frenzy in an attempt to collect more compromized Apple accounts.
According to the Turkish Crime Family, the man arrested has not been online since yesterday, the day of the search.
“He’s now being accused of creating and running the entire group. His friend was at his house during the raid and managed to film most of it and then send it to us,” the Turkish Crime Family claimed.
The group included a link to a video of supposed investigators carrying items out of a house, and photographs of an apparent search warrant. (Motherboard is declining to link to the video at this time). The date in the warrant, the postcode area, the suspect’s age, and the alleged crimes match those in the NCA’s statement.
The NCA would not confirm whether the name on the warrant matched that of the person the agency arrested. A photo posted to Twitter in January appears to show a letter addressed to the same person named in the warrant, claiming their email address had been found in records for Lizard Stresser, a DDoS-for-hire service.
Blackmail, obviously, is a serious offense under UK law. In a recent interview with Motherboard, Daniel Kelley, who was recently convicted of attempting to extort UK telco TalkTalk, warned other young people about getting into that sort of life.
“What I’ve done is essentially going to haunt me for the rest of my life,” he said. Kelley faces as much as 14 years in prison.
The newly arrested individual is suspected of having committed blackmail under Section 21 of the Theft Act 1968, and unauthorized access with intent to commit or facilitate commission of further offences under Section 2 of the Computer Misuse Act 1990, according to the warrant. Investigators were authorized to search for any router used by the suspect, as well as computer hardware, mobile phones, and digital storage devices.
Correction: This piece has been updated to correct the name of the convicted TalkTalk extortionist. His name is Daniel Kelley, not David Kelley. Motherboard regrets the error.