A number of iOS and Mac users in Australia are reporting on Apple Support Communities and Twitter that their iPhones, iPads and Macs are being locked remotely by hackers, and are demanding a ransom to get access to their devices again.
Hackers seem to be using Find my iPhone to remotely lock the device.
Based on this Apple Support Communities thread, it looks like the issue started earlier today (or yesterday if you’re in Australia). User veritylikestea from Melbourne, Australia writes:
i was using my ipad a short while ago when suddenly it locked itself, and was askiwhich I’d never previously set up. I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me.
It looks like quite a few users have been targeted by the hackers, as the thread had 163 comments at the time of posting this article. As you can see below, several users have reported a similar issue on Twitter as well.
Ok just got a 'found your phone' email from Find my iPhone, then got a message on my phone to say it had been hacked. Should I be worried?
— Athanae Lucev (@athanaelucev) May 26, 2014
Has anyone had their phone weirdly hacked through unprompted use of Find My iPhone?
— Ms Mindy Chops (@mindychops) May 27, 2014
Woken up at 2am by hacked 'Find My iPhone' asking for money, no sleeping after trying to sort that out so at work at 6am: Today will be fun.
— Casey Maree (@_caseymaree_) May 26, 2014
my phone and ipad have been hacked overnight, message on screen says "your device has been hacked by oleg pliss… http://t.co/fFiwPksX7o
— Eva Goes (@Eva53) May 26, 2014
— Matt (@abstractg) May 27, 2014
Hackers are demanding a ransom of $50 in some cases. IT security expert, Troy Hunt speculates that the hackers may be using compromised login information from recent data breaches to gain access to iCloud accounts and lock the device remotely. He points out that these accounts probably did not have two-step verification enabled.
Apple is yet to comment on the issue, but it seems quite alarming. It highlights the need to setup two-step verification that could prevent such incidents, so I would strongly recommend you to enable it if you haven’t done so already. It is quite straightforward, and will take you two minutes to enable it. Check out our step-by-step guide if you need help in setting it up.