The hackers have struck again but this time the iPhone is the victim. Tech savvy hackers have found a way to compromise the popular device by attacking the “Find My Phone” application. According to the articles published by The Telegraph, Apple has not weighed in on this situation and it does not appear they will be commenting. Check out the story as reported in The Telegraph:
iPhones frozen by hackers demanding ransom
People around the world have found their iPads and iPhones frozen by hackers who are demanding cash ransoms to unlock their devices
Owners of iPhones and iPads have been targeted by a hacker who is freezing iOS devices and demanding a ransom of up to £55 to unlock them.
The majority of the attacks have taken place in Australia although there are also reports of Britons being affected.
It appears that the hacker, who goes by the name Oleg Pliss, has managed to exploit the Find My iPhone feature which can track and remotely lock stolen devices.
Users have been told to send ransoms of between $50 and $100 Australian dollars (up to £55) to a PayPal account in order to have their devices unlocked.
Those affected have taken to Apple’s support forums to seek help. One user, veritylikestea from Melbourne, said: “I was using my iPad a short while ago when suddenly it locked itself.
“I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me.
“I have no idea how this has happened. I am not aware of having been exposed to malware or anything else, although i did recently purchase some new apps – perhaps one of these has something to do with it? I don’t know.”
Another user, Werewabbit, said: “I live in the UK and this has also happened to me yesterday. Very worrying. And not a peep from Apple yet. I have managed to change all my account details and passwords, but just feels worrying.”
An Australian government website, Stay Smart Online, has told affected users not to pay the ransom.
“Currently there is only speculation about how the attacks have been carried out. Apple has not yet responded officially,” it says.
“With the possibility that this attack is linked to your ‘Apple ID’, affected users are advised to change your Apple ID password as soon as possible.
“It is not confirmed if or how these Apple IDs and passwords were accessed, but suggestions include that hackers may be simply reusing information they may have discovered during a breach of other online services. Unfortunately, many people still commonly reuse the same password for many of their online accounts. ”
We contacted Apple but was told that the company would not be commenting on the issue.
David Emm, from security firm Kaspersky Lab, said: “It seems likely that cybercriminals gained access to Apple ID credentials, for example by using phishing e-mails targeting Apple IDs.
“Such scams have been around for years. By using the credentials to access an Apple iCloud account, the attackers can enable the ‘Find My iPhone’ service – this is not only able to locate a lost or stolen device, but also to set a passcode preventing third parties from accessing the personal data stored on the smartphone.
“This is clearly a form of ransomware, previously only seen on PC and, recently, on Android devices – although in these cases malware was used to trigger this behaviour. This campaign is further proof that cybercriminals are adopting criminal business models developed for the PC, applying them to new areas and fine-tuning their methods.”
Source: The Telegraph