Hackers Use Find My iPhone Feature To Lock iPhones And Demand Ransom
May 27, 2014

Apple Device Owners In Australia Wake Up To Ransom Demands From Hackers

Peter Suciu for redOrbit.com - Your Universe Online

Apple's "Find My iPhone" feature is a handy thing to have when one misplaces a phone, but owners of Mac and iOS devices in Australia found that the feature is a handy thing for hackers as well. News broke on Tuesday morning that some users of the Apple products have had their devices digitally held for ransom by hackers – who were demanding payment before relinquishing control of the device.

Australian newspaper The Age broke the news that "iPad, iPhone and Mac owners in Queensland, NSW, Western Australia, South Australia and Victoria have reported having their devices held hostage."

Posts on the Apple Support Communities have confirmed that users have had their devices locked.

One user, named veritylikestea, from Melbourne posted:

"i was using my ipad a short while ago when suddenly it locked itself, and was askiwhich I'd never previously set up. I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me."

The Age reported that it is likely the hackers behind this cybercrime are using the unusual name as a front to get money from those who are being held hostage. The paper added that a real "Oleg Pliss" is a software engineer at tech giant Oracle, while a similar name is listed on the networking service LinkedIN as a banking professional in the Ukraine. While perhaps not exactly the Russian equivalent of "Joe Smith," there are numerous Oleg Pliss in Russia.

Hackers apparently gained control of the devices through the users' iCloud accounts, but as of press time Tuesday it is unclear how this was accomplished. Apple Insider suggested that "password reuse is a likely scenario."

Those targeted in the attack were said to have received a message that alerted the owner to a "Find My iPhone" or "Find My Mac" remote lock. Many messages reportedly had an accompanying message that said, "Device hacked by Oleg Pliss."

Users should not PAY the ransom.

Apple Insider added, "Savvy owners who set an access passcode for their computer or iOS device were able to regain control of their device following receipt of the message. Limited by design, Find My iPhone's functionality only allows users to set a password for devices that don't already have one logged."

Those device owners who did not set a passcode prior to this hack have been reportedly unable to take back their devices, but Apple does provide a workaround to resolve the issues. Some users will likely have to contact customer support to completely remedy this issue.

While it is probably of little consequence to those users now dealing with a major headache, security experts suggest that two-factor authentication would help reduce the likelihood of such a hack from being successful.

"Regardless of how difficult someone believes a password is to guess, if it's been compromised in another service and exposed in an unencrypted fashion, then it puts every other service where it has been reused at risk," IT security expert Troy Hunt told The Sydney Morning Herald. "Of course it also suggests that two-factor authentication was likely not used as the password alone wouldn't have granted the attacker access to the iCloud account."