A number of iOS and Mac users in Australia are reporting on Apple Support Communities and Twitter that their iPhones, iPads and Macs are being locked remotely by hackers, and are demanding a ransom to get access to their devices again.
Hackers seem to be using Find my iPhone to remotely lock the device.
Based on this Apple Support Communities thread, it looks like the issue started earlier today (or yesterday if you’re in Australia). User veritylikestea from Melbourne, Australia writes:
i was using my ipad a short while ago when suddenly it locked itself, and was askiwhich I’d never previously set up. I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me.
It looks like quite a few users have been targeted by the hackers, as the thread had 163 comments at the time of posting this article. As you can see below, several users have reported a similar issue on Twitter as well.
https://twitter.com/athanaelucev/statuses/470926027716173824
https://twitter.com/mindychops/statuses/471088771123785729
https://twitter.com/_caseymaree_/statuses/471026601514119168
my phone and ipad have been hacked overnight, message on screen says "your device has been hacked by oleg pliss… http://t.co/fFiwPksX7o
— Eva Goes (@Eva53) May 26, 2014
@ashermoses @Devar This happened to my mum's iPad last night. I changed her iCloud password and took the phone out of lost mode, locked tho
— Matt (@abstractg) May 27, 2014
Hackers are demanding a ransom of $50 in some cases. IT security expert, Troy Hunt speculates that the hackers may be using compromised login information from recent data breaches to gain access to iCloud accounts and lock the device remotely. He points out that these accounts probably did not have two-step verification enabled.
Apple is yet to comment on the issue, but it seems quite alarming. It highlights the need to setup two-step verification that could prevent such incidents, so I would strongly recommend you to enable it if you haven’t done so already. It is quite straightforward, and will take you two minutes to enable it. Check out our step-by-step guide if you need help in setting it up.
[The Age via MacRumors]
