Apple users have been reporting that their iPhone, iPad and mac devices have been digitally held hostage by hackers. The “Find my iPhone” feature designed to discourage theft by letting users shut down their smartphone remotely, has been compromised and used to hold devices for ransom. The notifications that are being received on their devices state, “Device hacked by Oleg Pliss,” and request ransom amounts ranging from $50-$100 to be sent via PayPal. The attacks started in Australia and New Zealand, but have recently spread to the US and Great Britain. Apple has acknowledged that they are aware of the situation and have stated that iCloud has not been compromised by this incident.
In recent months, database breaches have been occurring more frequently, with companies like eBay, Adobe, and Target all falling victim. It is possible that hackers could have obtained access to a compromised list of email addresses and passwords, taking advantage of the fact that many people will reuse the same account details for their Apple ID. This latest incident is a good reminder to change your passwords often, and to never reuse the same password across multiple accounts.
One way to be pro-active in strengthening security is to set a passcode for your device immediately. In order for a hacker to obtain your log on credentials they would also have to bypass your passcode to unlock your device. Another thing to consider is changing your password and/or taking advantage of the two-factor authentication. For more information on setting up two-factor authentication you can go to Apple’s website at http://support.apple.com/kb/ht5570.
If you have been affected by this exploit, Apple has stated that you should change your Apple ID password and contact AppleCare, or visit a local Apple Retail Store for additional help.
References:
http://www.telegraph.co.uk/technology/apple/10857715/iPhones-frozen-by-hackers-demanding-ransom.html
https://discussions.apple.com/thread/6270410?start=0&tstart=0
http://www.business-standard.com/article/news-ani/apple-s-find-my-phone-reportedly-misused-to-hack-iphone-ipad-macbooks-114052800784_1.html
http://www.zdnet.com/icloud-not-compromised-in-apple-id-attack-apple-7000029914/