Two weeks ago, hackers hijacked several iOS and Mac devices in Australia, remotely locking them via iCloud and demanding a ransom from the owner to get the device unlocked.
"Device locked by Oleg Pliss," read the hijacker's message, along with a demand for $50 to $100. Quite a few users were affected and while early speculation suggested iCloud may have been hacked, Apple confirmed that iCloud was not compromised, and that hackers had instead gained access to Apple IDs and passwords, likely through other site breaches where they used similar credentials.
According to Russian site MKRU [Google Translate), the two hackers were caught after appearing on camera withdrawing a victim's ransom money from an ATM. The site also confirms the hackers gained access to Apple IDs and passwords via phishing pages and social engineering techniques, then used that information to lock devices. Russian users were also affected, which led to the investigation.
One method of obtaining login information involved a pre-owned account filled with movies and music that was sold to an unsuspecting victim. Once the person linked their own details with the account, it was vulnerable to being hijacked.
During the attacks, users who had passcodes enabled on their devices were able to bypass the hack, but those who had not previously set a passcode were out of luck, requiring a full reinstall of iOS. Apple recommends using a passcode with iOS devices, as well as two-step authentication, which can help thwart attacks like this one.
Article Link: Hackers Involved in Locking and Ransoming Apple Devices in Australia Arrested
