Apple iDevices hijacked, held to ransom

BEN GRUBB
Last updated 15:19 27/05/2014
What part of the hacker's message looks like on an iMac screen.

Relevant offers

Owners of Apple devices are having them digitally held for ransom by hackers demanding payment before they will relinquish control.

iPads, iPhone and Mac owners in Queensland, NSW, Western Australia, South Australia and Victoria have reported having their devices held hostage.

One iPhone user, a Fairfax Media employee in Sydney, said she was awoken at 4am on Tuesday to a loud "lost phone" message that said "Oleg Pliss" had hacked their phone. She was instructed to send $50 to a PayPal account to have it unlocked.

It is likely hackers are using the unusual name as a front to get money from people. A real Oleg Pliss is a software engineer at tech company Oracle. A similar name is listed on LInkedIn as a banking professional in Ukraine, while there are others in Russia.

Affected users have been discussing the issue on Apple's own support forum.

Users who have a passcode on their device appear to be able to unlock it after the hacker has sent them the message demanding payment, but those who had not set a passcode are unable to.

Dozens of others across the country reported similar early morning messages.

A Melbourne Apple user reported the issue affecting their iPad. "I was using my iPad a short while ago when suddenly it locked itself," the user, "veritylikestea", wrote on Monday.

"I went to check my phone and there was a message on the screen ... saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by Paypal to lock404@hotmail.com) to return them to me. I have no idea how this has happened."

Those with iPhones say they have been calling Telstra, Vodafone and Optus to try to fix the issue. Some have been calling Apple directly.

"Vodafone kept saying 'iPhone can't be hacked,' " one Apple user, "Shleighbo", wrote.

Ad Feedback

"Rang Telstra and they said it is an Apple issue," another, "georgie81", said.

"The Optus tech support was not helpful," said yet another user, "Bettybam".

Comment is being sought from Apple and Telstra. Vodafone said no customers had reported the issue to its customer support centre.

Optus said if customers had any questions about their Apple devices, they "should speak directly to Apple".

The Australian Competition and Consumer Commission, which runs the federal government's Scam Watch website, said one user had reported the issue to it.

Troy Hunt, an IT security expert, speculated that hackers were using compromised login credentials from recent data breaches to access accounts and lock users out.

As is often the case, web users largely use the same password across their multiple online services, meaning that if their password is compromised in a breach at one firm and they do not change it, their other accounts become vulnerable.

"It’s quite possible this is occurring by exploiting password reuse," Hunt said. "Regardless of how difficult someone believes a password is to guess, if it's been compromised in another service and exposed in an unencrypted fashion, then it puts every other service where it has been reused at risk. Of course it also suggests that two-factor authentication was likely not used as the password alone wouldn't have granted the attacker access to the iCloud account."

Two-factor authentication can be enabled on Apple accounts by visiting: http://support.apple.com/kb/ht5570. It acts as a second layer of security by making users have to enter a code that is sent to their mobile device before they are granted access to their account.

It is recommended affected users contact Apple directly to regain access to their account. If the hacker has set a passcode on iPhones, instructions on how to bypass it can be found at: http://support.apple.com/kb/ht1212.

Once users regain control of their accounts, it is recommended they change their passwords.

A similar type of hack was used by criminals to delete a Wired journalist's digital presence in 2012, resulting in all files kept on his Mac and iPhone being destroyed.

Malicious software, known as "ransomware", is also a popular tool used by online criminals to extort money from users by scaring them into thinking the police is after them for either child abuse or copyright infringement offences.

Comments

Special offers

Featured Promotions

Sponsored Content

My Career