Tuesday, June 3, 2014

Hackers take iPhones HOSTAGE and demand ransom money: iCloud accounts are being used to remotely lock devices

  • Attacks are thought to have originated in Australia and spread worldwide
  • Hackers, under the name ‘Oleg Pliss’ are accessing users’ iCloud accounts to enable the Find my iPhone feature
  • Once enabled, they lock the phone remotely and demand ransom money  
  • This pop-up can be programmed to say a personalised message
  • The hackers are demanding hundreds of dollars to unlock the device 
  • Apple assured users its iCloud service has not been breached


  • Increasing numbers of iPhone and iPad users are being targeted by hackers who are remotely locking their devices and demanding ransom money in return.
    Ransomware attacks, in which criminals remotely gain access to a device and hold it hostage, aren’t new, but they have traditionally targeted laptops and PCs.
    In this latest mobile attack, the hackers are controlling gadgets by breaking into customers' iCloud accounts and remotely locking the devices using the Find My iPhone feature.

    The attacks began last week in Australia, but customers from across the globe have reported the hack on official Apple support forums and tech sites.
    Based on these reports, criminals are hacking into iCloud accounts from a browser, before locating connected devices using the Find My iPhone feature.
    In some instances, customers have multiple Apple products including iPhones, iPads, iPods and Macs attached to the same account.
    The hackers, operating under the name 'Oleg Pliss', are then enabling Lock Mode to shut the devices down remotely.
    This feature lets people send messages to thieves, for example, letting them know that the phone has been locked.
    In this instance, hackers are personalising these messages to demand $100 in ransom money to release the devices. 
    The hack only works on handsets that have the Find My iPhone feature switched on, and this is accessible in Settings. 
    Apple told the MailOnline: ‘Apple takes security very seriously and iCloud was not compromised during this incident.

    ‘Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. 
    'Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.’
    To change an Apple ID, go to appleid.apple.com and follow the steps to reset the password. 
    Users that have a passcode on their iOS devices can remove Lost Mode in Settings, using this PIN. 
    Although the attacks began last week, they show no signs of stopping.
    They appear to be scam in which hackers are stealing details from other websites and using the same login details to access as many accounts as possible - including iCloud.
    It highlights, again, the need to have different login details for different accounts.


    No comments:

    Post a Comment