iPhone iPhone Hack?

Discussion in 'iOS 9' started by Pilot6612, Feb 19, 2016.

  1. Pilot6612 macrumors newbie

    Joined:
    Feb 19, 2016
    #1
    Hello everyone.

    This morning, a strange thing happened to my girlfriend. All of a sudden following message appeared on her iPhone 5 screen :

    [​IMG]

    Message says : "In order to recieve a password, please write to e-mail: helpappleusa@gmail.com"

    She was locked out of her phone by something. When she slided to unlock, following screen appeared :

    [​IMG]

    All functions were reduced to screen from picture 1, screen from picture 2 and recieving calls. Also when I call her, iPhone only shows my number, not my contact name. Also, battery status in upper left corner is yellow. Thats all. There is nothing we can do with her phone. I checked her phone via Find iPhone, and it was set in Lost Mode, with red locked padlock icon on phone. Its clear that someone has logged into her iCloud account. So we :
    - logged into her iCloud and changed her password
    - turned off Lost Mode on her iPhone
    - phone is still acting the same way

    Other facts >
    iPhone is not jailbraked (dont know if it is even still possible).
    iPhone was not protected with passcode ever before.

    Can anyone please tell me what is this and help us? Have you ever heard about something like this? Is restore to factory state only solution? Is it even a solution?



    Thank you
     
  2. mikeo007 macrumors 65816

    Joined:
    Mar 18, 2010
    #3
    Looks like this happened to a few people last night, myself included. If there was never a PIN code on the phone, the only way to get it working again is to erase and restore it from a backup. As long as she has a recent backup, you can erase the phone from the Find My iPhone website
     
  3. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #4
    Yep I thought so. I'm asking because this does not look like simple lock from iCloud account. I never did lock my iPhone via iCloud on web, but since you lock it, can't you also unlock it through iCloud? Also the screen where passcode is entered is different from default system screen.
     
  4. b0fh666 macrumors 6502a

    b0fh666

    Joined:
    Oct 12, 2012
    Location:
    south
    #5
    so, the FBI can't but some random chinese hacker can do this to an unjailbroken iphone? interesting.
     
  5. mikeo007 macrumors 65816

    Joined:
    Mar 18, 2010
    #6
    It is how the "lost mode" lock works unfortunately. You can turn off lost mode, but it doesn't deactivate the PIN on the phone. It actually tells you this when you deactivate lost mode from Find My iPhone.
     
  6. BrianBaughn macrumors 601

    BrianBaughn

    Joined:
    Feb 13, 2011
    Location:
    Baltimore, Maryland
    #7
    What is keeping you from calling Apple about this?
     
  7. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #8
    Aha ... wasn't there when she did it. So restore to factory settings is the only way?
     
  8. mikeo007 macrumors 65816

    Joined:
    Mar 18, 2010
    #9
    Yup, I tried everything else I could think of. Wipe and restore is the only thing that worked.
     
  9. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #10
    OK. Thanks for help and fast response to all.
     
  10. CJoshDoll macrumors newbie

    Joined:
    Nov 7, 2013
    #11
    IIRC when you do this, it sets an ADDITIONAL lock code, hence why the unlock screen is different. I don't believe it removes the old one, only adds a second one, thus wouldnt help bypass a PIN. I have an extra iPhone sitting on my desk, I may test it later.
     
  11. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #12
    What does one thing have to do with someone accessing someone's iCloud account by stealing (or guessing) their password?
     
  12. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #13
    OK. New thing. I start my girlfriends MacBook Pro to restore iPhone and guess what. Same thing. MacBook suddenly restarted and now he wants PIN to unlock everything.
     
  13. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #14
    Part of the same iCloud account? Sounds like the account was hacked and someone locked all the devices basically.
     
  14. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
  15. vanasian macrumors member

    vanasian

    Joined:
    Oct 5, 2013
    #16
    I wonder if you still can log in to iCloud (...@icloud.com) with the old password. If u can, then change the password and delete hacker's email. Good luck.
     
  16. CJoshDoll macrumors newbie

    Joined:
    Nov 7, 2013
    #17
    If you can't login to iCloud, contact apple support, I would think if you can verify enough information, they should be able to reset your iCloud password. Worst case, may have to make a Genius appt, with the devices in hand (and hopefully some proof of purchase, but you can certainly prove you are the acct holder of the phone service) and see if they can help.

    Unless you / she has a recovery email address (that is not @icloud.com / me.com) and you should be able to reset the password to icloud that way.

    Once you get this all figured out, make sure you enable two-factor authentication for icloud!!!!!
     
  17. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #18
    Unless I'm reading it wrong, it seems that based on what's mentioned in the OP they were able to login to iCloud and change the password already and even take the phone out of lost mode.
     
  18. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #19
    @C DM exactly. We did. iCloud pass have been changed, iPhones Lost Mode disabled. And my GF in panic also removed MBP from devices in iCloud. However, it looks like it was already too late. She did it before lunch. When I opened her MBP, it was around 4:30 p.m. and was already "infected".
     
  19. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #20
    Well, it's not really that it was infected as it was just placed into lost mode via iCloud and locked in relation to that. Not sure if removing the devices from iCloud was a good idea vs. leaving them but either changing the PIN via lost mode or disabling lost mode (which would hopefully disable the lost mode PIN) -- sounds like what's mentioned at https://support.apple.com/en-us/HT204306 might be of some help.
     
  20. Pilot6612 thread starter macrumors newbie

    Joined:
    Feb 19, 2016
    #21
    Well I also said that removing MBP from devices was not a good idea. But its done so no way back. Now we don't know if the MBP is also in lost mode or not. I was just surprised cause she didn't used her MBP for like 3 days, which means he must have received the info about lock in those 7 seconds before he rebooted himself. Or is MBP doing some things while sleeping?
     
  21. CJoshDoll macrumors newbie

    Joined:
    Nov 7, 2013
    #22
    Lots of factors affect this...if she was working without internet access, then once it grabbed internet it got the message to lock, anything interfering with that message would have delayed the lock.

    At this point, I think your only option is to contact Apple Support and / or Genius Bar. Now that it is removed from iCloud, I think you are hosed.
     

Share This Page