Hacked Apple Devices Held For Ransom In Australia

Some Apple device users in Australia and New Zealand report they're locked out of their devices and have received messages demanding ransom money.

Hacked Apple Devices Held For Ransom In Australia
The Age

Some Apple devices in Australia and New Zealand are reportedly being held for ransom. Yes, you heard that right.

A group of iPhone and iPad owners there took to this Apple forum early Tuesday morning after receiving similar "or-else" messages. One user writes, "I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss.'"

Those messages, as CNET reports, then requested users send $100 to a PayPal account to regain access to their devices.

This type of attack is known as "ransomware." However, Naked Security says this one is a bit different because the affected devices aren't infected with malware, according to reports.

The attack was first reported by The Age. It says that name, "Oleg Pliss," is real, but it's probably not who's behind the attack. "It is likely hackers are using the unusual name as a front to get money from people."

It appears whoever is behind the ransomware is locking phones via Apple's Find My iPhone feature.

But this can only be accessed using an Apple ID and password. So the hackers have those — but how? (Via Apple)

The Los Angeles Times reports on one theory most in the media agree with. "The hacker may have gained access to users' accounts with information from databases stolen from other tech companies."

Think about it. AOL, Adobe, Yahoo and — just last week — eBay have all fallen victim to recent security breaches.

And as with those breaches, the best defense here is a strong password that's unique from other sites and tech services.

The only defense for those who've already been hacked, though, was having a passcode or Touch ID. (Via Apple)

9to5Mac reports: "If you've created a passcode on your device, you (or [malicious] users with access to your account) cannot change it from Find My iPhone. It can only be changed or removed directly from the device."

Hint: If you don't have a passcode, get one. Also, now might be a good time to go online and set up two-step verification on your Apple ID.

This way, anytime you or someone else types in your Apple ID password, you'll receive a text with a four-digit code. You — or whoever — would then be required to enter that code before accessing anything with your Apple ID. (Via Apple)

So the hacker would need to steal your phone, too. Apple has yet to comment on the ransomware publicly.

But an information security consultant told the BBC Apple has to move quickly to reassure customers. "Even just to let them know what you're doing to deal with the issue can be reassuring. Remaining silent is not an option these days."