Hackers Remotely Locking iPhones in Australia for Ransom

Australian hackers found a new way to earn money, asking ransom for unlocking iOS running devices.

Quite recently people around the world have found their Apple devices locked by unknown hackers who are demanding certain sums of money to restore work of iPhone and iPads. Photo: Kārlis Dambrāns/Flickr

Quite recently people around the world have found their Apple devices locked by unknown hackers who are demanding certain sums of money to restore work of iPhone and iPads. Photo: Kārlis Dambrāns/Flickr

iPads and iPhones’ owners have become a target of a hacker who is freezing iOS running devices and demanding a ransom of up to £55 to unlock them.

The majority of the attacks took place in Australia although there are also reports of Britons being affected, writes The Telegraph.

It appears that the hacker, who identifies himself as Oleg Pliss, has managed to exploit the Find My iPhone feature which can track and remotely lock stolen devices.

Users were ‘offered’ to provide cash ransoms by sending money to a PayPal account.

Some of the affected users have taken to Apple’s support forums to find out what has happened and how to fix it. One iPad user, veritylikestea from Melbourne, said: “I was using my iPad a short while ago when suddenly it locked itself.”

“I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me.”

“I have no idea how this has happened. I am not aware of having been exposed to malware or anything else, although i did recently purchase some new apps – perhaps one of these has something to do with it? I don’t know.”

Another user, Werewabbit, said: “I live in the UK and this has also happened to me yesterday. Very worrying. And not a peep from Apple yet. I have managed to change all my account details and passwords, but just feels worrying.”

An Australian government website, Stay Smart Online, warned affected users not to pay the ransom.

“Currently there is only speculation about how the attacks have been carried out. Apple has not yet responded officially,” it says.

“With the possibility that this attack is linked to your ‘Apple ID’, affected users are advised to change your Apple ID password as soon as possible.”

“It is not confirmed if or how these Apple IDs and passwords were accessed, but suggestions include that hackers may be simply reusing information they may have discovered during a breach of other online services. Unfortunately, many people still commonly reuse the same password for many of their online accounts. ”

David Emm, from security firm Kaspersky Lab, said: “It seems likely that cybercriminals gained access to Apple ID credentials, for example by using phishing e-mails targeting Apple IDs.

“Such scams have been around for years. By using the credentials to access an Apple iCloud account, the attackers can enable the ‘Find My iPhone’ service – this is not only able to locate a lost or stolen device, but also to set a passcode preventing third parties from accessing the personal data stored on the smartphone.”

“This is clearly a form of ransomware, previously only seen on PC and, recently, on Android devices – although in these cases malware was used to trigger this behaviour. This campaign is further proof that cybercriminals are adopting criminal business models developed for the PC, applying them to new areas and fine-tuning their methods,” the specialist added.

Share this article

We welcome comments that advance the story directly or with relevant tangential information. We try to block comments that use offensive language, all capital letters or appear to be spam, and we review comments frequently to ensure they meet our standards. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Coinspeaker Ltd.