Go Back   MacRumors Forums > News and Article Discussion > iOS Blog Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old May 28, 2014, 02:11 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Apple Denies iCloud Hack as Cause of Locked iOS Device Ransom Demands




Earlier this week, a number of iOS and Mac users reported iPhones, iPads, and Macs being remotely locked by hackers who then demanded a ransom for their recovery.

The attacks primarily affected those located in Australia. While there have been many theories about common points of attack, no one theme has emerged. Some users also deny that passwords were shared with other services.

ZDNet reports that Apple has issued an official statement denying that iCloud itself was hacked.
Quote:
Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.
A growing discussion thread on Apple's support forums is following the issue.

Thanks Dominik

Article Link: Apple Denies iCloud Hack as Cause of Locked iOS Device Ransom Demands
MacRumors is offline   0 Reply With Quote
Old May 28, 2014, 02:15 AM   #2
surfingarbo
macrumors member
 
Join Date: Jun 2011
Location: Calgary, AB, Canada
Who actually asks for a ransom in typed-text format? Real ransom's are made with individual letters cut from magazines with a scissors.
__________________
2013 MacBook Pro 15" | iPad Air | iPhone 6 | 2009 Mac Mini | iPod Nano 5th Generation | iPod Classic 5th Generation
surfingarbo is offline   15 Reply With Quote
Old May 28, 2014, 02:35 AM   #3
Westside guy
macrumors 601
 
Westside guy's Avatar
 
Join Date: Oct 2003
Location: The soggy part of the Pacific NW
Quote:
Originally Posted by surfingarbo View Post
Who actually asks for a ransom in typed-text format? Real ransom's are made with individual letters cut from magazines with a scissors.
Plus there's probably an iOS app to simulate that look.
__________________
Your post count is insufficient to view signature
Westside guy is offline   1 Reply With Quote
Old May 28, 2014, 02:35 AM   #4
Ammanas
macrumors newbie
 
Join Date: Feb 2014
Does anyone have trouble accessing the support thread given ?

I get this notice:



Though it seems that the support site on the American and Australia websites are working fine ...
Ammanas is offline   0 Reply With Quote
Old May 28, 2014, 02:35 AM   #5
WBRacing
macrumors regular
 
Join Date: Nov 2012
Given that Spotify recently recommended that all android users change their spotify account passwords after one account was potentially compromised, it is interesting to see Apple take a much more "nothing to do with us" stance. I hope for their sake that they are 100% sure on that one.
WBRacing is offline   3 Reply With Quote
Old May 28, 2014, 03:01 AM   #6
iGuyS
macrumors newbie
 
Join Date: Nov 2013
Surely there was some way Apple could have defended itself without sounding like it was just blaming its users.

Defensive Apple sounds defensive.
iGuyS is offline   5 Reply With Quote
Old May 28, 2014, 03:19 AM   #7
lk400
macrumors 6502a
 
Join Date: Aug 2012
Quote:
Originally Posted by iGuyS View Post
Surely there was some way Apple could have defended itself without sounding like it was just blaming its users.

Defensive Apple sounds defensive.
Not wanting to defend anyone here - but can you show me where they blame the users? Is their advice bad?
lk400 is offline   0 Reply With Quote
Old May 28, 2014, 03:35 AM   #8
GoCubsGo
macrumors Nehalem
 
GoCubsGo's Avatar
 
Join Date: Feb 2005
Quote:
Originally Posted by lk400 View Post
Not wanting to defend anyone here - but can you show me where they blame the users? Is their advice bad?
They're advice isn't bad but I feel like I've seen Apple take the "it's not us" stance before then later turn around and admit there was some breach or something. My memory could be wrong.
GoCubsGo is offline   3 Reply With Quote
Old May 28, 2014, 03:46 AM   #9
CrazyForApple
macrumors 6502
 
Join Date: Dec 2012
Location: Buffalo, NY
Send a message via AIM to CrazyForApple
Oh hope no one actually paid the hackers
CrazyForApple is offline   0 Reply With Quote
Old May 28, 2014, 03:59 AM   #10
silvetti
macrumors 6502
 
Join Date: Nov 2011
Location: Poland
It's so obvious this is a user problem (weak passwords) that I don't even know why people pay attention to this.
__________________
iPhone / iPad / iMac / TV / Airport Extreme
silvetti is offline   4 Reply With Quote
Old May 28, 2014, 04:12 AM   #11
karstas
macrumors 6502
 
Join Date: Apr 2014
Quote:
Originally Posted by silvetti View Post
It's so obvious this is a user problem (weak passwords) that I don't even know why people pay attention to this.
exactly, if there would be problem with Apple security system, it would be major issue, now only plenty people, which doesn't care about their security and using low security passwords
karstas is offline   0 Reply With Quote
Old May 28, 2014, 04:21 AM   #12
batchtaster
macrumors 6502a
 
Join Date: Mar 2008
"Coincidentally", this week I received a phishing attempt, claiming to be from Apple (which was obvious, and I reported through both SpamCop and Google). I've never received one from them - it's always been Amazon, PayPal, eBay, banks, etc. (Part of me actually went "well, it's about time.")

I would put money on the victims having fallen for the phish attempt, and deny having shared their password because they still believe that the link they clicked and divulged all their iCloud account details to "confirm" their account, was an Apple one.

Sorry, but until someone can prove the underlying iCloud infrastructure is to blame, I'm gonna call this user error.

Last edited by batchtaster; May 28, 2014 at 04:26 AM.
batchtaster is offline   2 Reply With Quote
Old May 28, 2014, 04:30 AM   #13
macs4nw
macrumors 68020
 
macs4nw's Avatar
 
Join Date: Sep 2010
Location: On Safari…..
Quote:
Originally Posted by lk400 View Post
Not wanting to defend anyone here - but can you show me where they blame the users? Is their advice bad?
Also, if this was iCloud related, you'd think the problem would be a lot more widespread. Sounds 'phishy' to me.
__________________
Due to my aversion to bragging and clichés, no words of wisdom to be found on this line.....
macs4nw is offline   2 Reply With Quote
Old May 28, 2014, 04:43 AM   #14
allanfries
macrumors regular
 
Join Date: Jun 2013
Location: Canada
I'm calling "user problem" as well. I know so many people that have poor passwords. Like their name for instance!!! :roll eyes: If iCloud was hacked, this would be appearing world wide, wouldn't you think?
__________________
13" MacBook pro 2.9GHz i7 ; 27" Cinema Display ; iPhone5s ; iPad mini2 ; appleTv3.
allanfries is offline   1 Reply With Quote
Old May 28, 2014, 05:56 AM   #15
activate
macrumors regular
 
Join Date: Dec 2011
In todays day& age, its a goldmine for a cybercriminal. Reminds of me when you watch old western movies and you see how easy they march in and rob a bank. Well we're that age in online years.
activate is offline   0 Reply With Quote
Old May 28, 2014, 06:45 AM   #16
whooleytoo
macrumors 603
 
whooleytoo's Avatar
 
Join Date: Aug 2002
Location: Cork, Ireland.
Send a message via AIM to whooleytoo
Quote:
Originally Posted by silvetti View Post
It's so obvious this is a user problem (weak passwords) that I don't even know why people pay attention to this.
Because guesswork isn't good enough. It's important to know.
__________________
Mac <- Macintosh <- McIntosh apples <- John McIntosh <- McIntosh surname <- "Mac an toshach" <- "Son of the Chief"
whooleytoo is offline   2 Reply With Quote
Old May 28, 2014, 07:25 AM   #17
albusseverus
macrumors 6502a
 
albusseverus's Avatar
 
Join Date: Nov 2007
Quote:
Originally Posted by silvetti View Post
It's so obvious this is a user problem (weak passwords) that I don't even know why people pay attention to this.
The unspoken issue here is — using Find My Device. If someone gets your password, your device becomes a sitting duck if that's turned on.

The world went mad when a journalist lost his baby photos, because someone social engineered his password and remote wiped his MacBook Air.

I don't see the same empathy when people less famous suffer extortion for using the same password on iCloud as somewhere else.

This is the downside of Find My Device. Keep those iCloud passwords unique. And don't use your iCloud email & password anywhere else. That's simple…
albusseverus is offline   1 Reply With Quote
Old May 28, 2014, 07:28 AM   #18
RightMACatU
macrumors 6502a
 
RightMACatU's Avatar
 
Join Date: Jul 2012
Location: 192.168.1.1
Quote:
Originally Posted by batchtaster View Post
...Sorry, but until someone can prove the underlying iCloud infrastructure is to blame, I'm gonna call this user error.
I like to refer to it as a chair-keyboard interface problem

----------

Quote:
Originally Posted by activate View Post
In todays day& age, its a goldmine for a cybercriminal. Reminds of me when you watch old western movies and you see how easy they march in and rob a bank. Well we're that age in online years.
Kinda like a Clint eAstwood era
RightMACatU is offline   0 Reply With Quote
Old May 28, 2014, 07:30 AM   #19
Plutonius
macrumors 601
 
Plutonius's Avatar
 
Join Date: Feb 2003
Location: New Hampshire
Quote:
Originally Posted by whooleytoo View Post
Because guesswork isn't good enough. It's important to know.
How do you expect to know other than the person responsible for it telling you what they did ?
Plutonius is offline   0 Reply With Quote
Old May 28, 2014, 07:37 AM   #20
roadbloc
macrumors 604
 
roadbloc's Avatar
 
Join Date: Aug 2009
Location: UK
I'm interested to know if effected users have two step authentication enabled.
__________________
roadbloc is offline   0 Reply With Quote
Old May 28, 2014, 08:00 AM   #21
Carlanga
macrumors 603
 
Carlanga's Avatar
 
Join Date: Nov 2009
Location: PR
Quote:
Originally Posted by albusseverus View Post
The unspoken issue here is — using Find My Device. If someone gets your password, your device becomes a sitting duck if that's turned on.

The world went mad when a journalist lost his baby photos, because someone social engineered his password and remote wiped his MacBook Air.

I don't see the same empathy when people less famous suffer extortion for using the same password on iCloud as somewhere else.

This is the downside of Find My Device. Keep those iCloud passwords unique. And don't use your iCloud email & password anywhere else. That's simple…
What world? I never heard of it and didn't see it anywhere? Maybe we just live in different planets lol
Carlanga is offline   0 Reply With Quote
Old May 28, 2014, 08:17 AM   #22
brilliantthings
macrumors regular
 
Join Date: Feb 2011
And if it is a user problem... How does that work?
brilliantthings is offline   0 Reply With Quote
Old May 28, 2014, 08:21 AM   #23
szw-mapple fan
macrumors 6502a
 
szw-mapple fan's Avatar
 
Join Date: Jul 2012
Quote:
Originally Posted by silvetti View Post
It's so obvious this is a user problem (weak passwords) that I don't even know why people pay attention to this.
Simple. Because it's apple. It makes for good stories and more clicks.
szw-mapple fan is offline   0 Reply With Quote
Old May 28, 2014, 08:36 AM   #24
jc1350
macrumors 6502a
 
Join Date: Feb 2008
Quote:
Originally Posted by Ammanas View Post
Does anyone have trouble accessing the support thread given ?

I get this notice:

Image

Though it seems that the support site on the American and Australia websites are working fine ...
It's a bad/malformed link. I copied it and took out everything after the thread number itself and that works:

https://discussions.apple.com/thread/6270410
jc1350 is offline   0 Reply With Quote
Old May 28, 2014, 08:39 AM   #25
LAS.mac
macrumors 6502
 
Join Date: May 2009
Location: Mexico
Two phishing attemps here too., from fake iTunes One claiming I bought some books in iBooks store (sending to a wen page in Poland for verification). The second one reporting some fake bought in the App Store. Quite we'll done, BTW...
LAS.mac is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > iOS Blog Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Problems removing IOS Device from ICloud YvonneUK1 iCloud and Apple Services 2 Nov 17, 2013 01:48 PM
General: Hack Your iOS Device Without Jailbreaking [How-To] DavidBlack iOS 6 6 Jan 28, 2013 07:28 PM
Samsung Denies Claims of Price Hikes for iOS Device Chip Production MacRumors MacRumors.com News Discussion 110 Nov 18, 2012 02:28 PM
What happens to my iCloud account when I no longer own an iOS device? holyv iCloud and Apple Services 4 Nov 5, 2012 09:14 PM
Setting up iCloud without an iOS 5 Device Dino F iPhone 3 Jun 11, 2012 11:04 AM

Forum Jump

All times are GMT -5. The time now is 09:35 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC