Apple devices are being hacked across Australia; users receiving ransom demands

Apple users across Australia are getting hit with ransom demands after their Macs, iPhones and iPads are being locked up by hackers.

Australians have woken up today to some really bad news. Many people are reporting their Apple devices are being locked up and that hackers are sending ransom demands across the board. The most common ransom note says the device has been locked by “Oleg Pliss” and that the user needs to send between $50 to $100 AUD to a Paypal account to get back control of their device.

This is pretty much the same MO that ransomware has. Ransomware is a type of malicious program that infects computers and then locks them asking the user for money to regain control. There has recently been an increase in ransomware attacks across the world and this person or group in Australia seems to be mimicking that attack pattern.

However there’s one major difference in this case: this phones aren’t infected. The attack doesn’t come from a malicious program that the unsuspecting victim installed on their Apple device, but rather it comes from compromised Apple IDs.

An IT security expert posited that the hackers may simply be using passwords stolen in unrelated security breaches of other companies, and that they’re simply taking advantage of the users’ tendencies to reuse passwords for multiple services. If this is the case it means the attack is targeting folks that aren’t using two-step authentication on their Apple accounts, otherwise the passwords wouldn’t be of much use to the hackers.

It’s also important to note that devices secured with a passcode haven’t fallen victim to this attack. Affected users said that despite receiving the ransom message, they could still use their passcode and easily regain control of their devices.

So far there hasn’t been any official response from Apple, while Telstra and other mobile carriers are shrugging responsibility and telling users they should contact the Cupertino company if they want the issue fixed. A PayPal spokesperson said one of the attacker’s Paypal addresses didn’t even exist, and that users who sent money would be refunded by PayPal.

Once again this underlines how much our society is changing thanks to all of the brand new devices, and that online security is more important than ever.

Source: Brisbane Times | Image via Apple and Brisbane Times

Report a problem with article
Previous Story

Review of the Synology DS414 NAS device

Next Story

Twitter is NOT releasing all of your data to every scientist on the planet

23 Comments - Add comment