iPhone 'ransomware' hack: Apple owners faced with demands to hand over money to have phones unlocked
Find My iPhone software hijacked in Australia, say reports on Apple's forums
Tuesday 27 May 2014
An iPhone feature designed to discourage theft by letting users shut down their smartphone remotely has reportedly being compromised by hackers using it to hold mobiles to ransom.
Posts from Apple’s official support forums describe how users’ Find My iPhone feature (also available for the iPad) has been hijacked by fraudsters who shut down the gadget before demanding money over PayPal.
“I was using my iPad a short while ago when suddenly it locked itself,” wrote a user from Melbourne. “I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by PayPal to lock404(at)hotmail.com) to return them to me.”
Other users responded with stories of similar hacks, some noting that troubleshooting tips suggested by Apple helped them regain control of their mobile, while others complained that these steps had only worked temporarily, with the hackers regaining control soon after.
A photo of the ransom message posted by an Apple suport forum user.
The first reports on the Apple forum were posted on 26 May with multiple individuals reporting identical hacks by someone identifying themselves as ‘Oleg Pliss’. One user noted that this is the name of a well-known San Francisco-based software engineer, suggesting perhaps that the hacker is familiar with professional computing circles.
The vast majority of complaints have come from Australia, but the problem might be spreading. One individual said they were based in New Zealand while another named Werewabbit said “I live in the UK and this has also happened to me yesterday. Very worrying. And not a peep from Apple yet.”
The hack doesn’t appear to be limited to a single network operator and with Apple declining to comment it’s not clear where the security breach might have occurred.
Speaking to Australian news site WAtoday, IT security expert Troy Hunt suggested that the hacks might be caused by individuals re-using passwords lost in previous data breaches for their iCloud account, the Apple log-in system that grants access to the Find My iPhone feature.
“Regardless of how difficult someone believes a password is to guess, if it's been compromised in another service and exposed in an unencrypted fashion, then it puts every other service where it has been reused at risk,” Mr Hunt told the paper.
We contacted Apple for comment but a spokesperson said the company has yet to issue a statement.
Life & Style blogs
iPhone 6 will function as 'mobile wallet' following Apple deal with Visa - reports
Half of young women unable to ‘locate vagina’ and 65% find it difficult to say the word
Is Apple's iCloud safe after leak of Jennifer Lawrence and other celebrities' nude photos?
Three quarters of the Ikea catalogue is CGI
Anal sex study reveals climate of 'coercion'
Rotherham child sex abuse scandal: Labour Home Office to be probed over what Tony Blair's government knew - and when
What do immigrants really think of Britain? Polish immigrant's Reddit post goes viral
Ashya King: Parents of five-year-old boy refused permission to visit him in hospital and denied bail at Spanish court
With Douglas Carswell joining Ukip, my party has taken another giant step forward
When elitism grips the top of British society to this extent, there is only one answer: abolish private schools
Ashya King: 'Cruel NHS has not given us the treatment we need', says father of five-year-old with brain tumour who fled to Spain
- 2 Saudis risk new Muslim division with proposal to move Mohamed’s tomb
- 3 A teacher speaks out: 'I'm effectively being forced out of a career that I wanted to love'
- 4 Cee Lo Green: It is only rape if the victim is conscious
- 5 Nigerian witch-finder Helen Ukpabio threatens legal action against human rights organisations
iJobs Gadgets & Tech
£40000 - £50000 per annum + Benefits, Training & Bonus: Harrington Starr: C# S...
£35000 - £36500 per annum: Ashdown Group: Systems Administrator (SharePoint) -...
£600 - £800 per day: Harrington Starr: Derivatives Risk Commodities Business A...
£600 - £800 per day: Harrington Starr: Power & Gas Business Analyst/Subject Ma...