Why would hacker remotely wipe my iPad?

Discussion in 'iPad' started by mntentman, Jun 7, 2010.

  1. mntentman macrumors regular

    Joined:
    Jan 15, 2007
    #1
    My MobileMe account was hacked, the scam was the same that is being reported on CNN. Got everything back to normal, but the odd thing is that seemingly as part of this my iPad was remotely wiped.

    I got two emails (which obviously I could not access until I got account back):

    First one..

    Dear MobileMe member,

    (Name) iPad has been passcode-locked at 5:54 AM on June 7, 2010, as you requested at 5:54 AM on June 7, 2010.

    You can change the passcode again at any time using Find My iPhone at www.me.com.


    Second one...

    Dear MobileMe member,

    The remote wipe of (Name) iPad requested at 5:54 AM on June 7, 2010 began at 5:54 AM on June 7, 2010.

    All media, data, and settings are being permanently erased from (Name) iPad. This process may take up to two hours, depending on your device. Please note this process cannot be cancelled.

    If you retrieve your device after completing a remote wipe, you can connect it to your computer and use iTunes to restore it to a previous backup. If you were previously syncing with MobileMe, you can re-enter your MobileMe settings on your device to immediately restore email, contacts, calendars, and bookmarks.

    If your iPhone or iPad Wi-Fi + 3G has been lost or stolen, be sure to contact your carrier to suspend your wireless service.


    I can't figure out what the advantage to the scammer would be... unless they try to restore my information to their own iPad?

    In any case, then I went to restore, I could find backup of iPhone but not iPad. I sync regularly so I am not sure why it was not there... if I made a mistake or if it had something do to with the scam.

    Regardless, this has been a real PITA.
     
  2. colmaclean macrumors 68000

    colmaclean

    Joined:
    Jan 6, 2004
    Location:
    Berlin
    #2
    Sounds like a piece of mindless vandalism. Some people enjoy that. :(

    No idea why your iPad backups are missing, though...
     
  3. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #3
    I do not know what the benefit to the hacker would be. Regarding the backup of your iPad, unless the hacker got your mobile me info by infecting your computer, I don't see how the iPad backup could have been deleted. If your computer was infected, then you have a more serious security issue.

    I am curious if this was an attack on your password, or if Apple has someone stealing password information. Was your Mobile Me password a long, complex, password with no dictionary terms including upper case, lower case, special characters, and numbers?

    /Jim
     
  4. sjinsjca macrumors 68000

    sjinsjca

    Joined:
    Oct 30, 2008
    #4
    Nihilism is rampant these days. It's a disease, and you seem to have gotten bitten. Sorry to hear it.
     
  5. Capt T macrumors 6502a

    Joined:
    Mar 20, 2010
    #5
    That really sucks! Hope it all works out for you.

    BTW you may want to remove your name from the post of the email. Also ask the person who quoted it to do it as well.
     
  6. mntentman thread starter macrumors regular

    Joined:
    Jan 15, 2007
    #6
    flynz4.... password was considered "excellent" but I think could have been better.
     
  7. mntentman thread starter macrumors regular

    Joined:
    Jan 15, 2007
    #7
    Thanks, Capt... geez I missed that my name was in there. I edited it out, now I just need flynz to do the same...thanks.
     
  8. Philscbx macrumors regular

    Philscbx

    Joined:
    Jan 4, 2007
    Location:
    Mpls Mn
    #8
    You are the original owner of the iPad?
    So far I never heard this alert.
     
  9. antiprotest macrumors 65816

    antiprotest

    Joined:
    Apr 19, 2010
    #9
    Can someone post a link? I have not seen any news report on this. Thanks.
     
  10. glitch44 macrumors 65816

    Joined:
    Feb 28, 2006
    #10
    Bruce Wayne: Criminals aren't complicated, Alfred. We just need to figure out what he's after.

    Alfred: With respect, Master Wayne, perhaps this is a man that you don't fully understand either. A long time ago, I was in Burma. My friends and I were working for the local government. They were trying to buy the loyalty of tribal leaders by bribing them with precious stones. But their caravans were being raided in a forest north of Rangoon by a bandit. So we went looking for the stones. But in six months, we never met anyone who had traded with him. One day I saw a child playing with a ruby the size of a tangerine. The bandit had been throwing the stones away.

    Bruce Wayne: So why steal them?

    Alfred: Well, because he thought it was good sport. Because some men aren't looking for anything logical, like money. They can't be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn.
     
  11. KevKaos macrumors 6502

    Joined:
    Sep 1, 2006
    Location:
    Baltimore, Maryland USA
    #11
    Love that scene, and the philosophy is rather sound as well.
     
  12. jtara macrumors 65816

    Joined:
    Mar 23, 2009
    #12
    Doesn't make sense. How did the iPad get passcode-locked? Where was the iPad?

    Somebody guessed your MobileMe password (was it an easy one?), OK. They can remote-wipe it. But not passcode-lock it. That requires physical access to the iPad to attempt unlocking with an incorrect code multiple times.

    Sorry, but I smell a troll.

    Alternately, do you REALLY know where your iPad was the whole time? Sounds like somebody in the household got snoopy, and locked it trying to guess your passcode.

    Link to CNN story? I can't find one.
     
  13. Cuechick macrumors 6502

    Cuechick

    Joined:
    May 30, 2010
    Location:
    So Cal
    #13
    Love the Batman reference and I think simple nastiness is a good bet. Though I also wonder if maybe it was not also some kind attempt at distraction to make it harder for you to right the situation?
     
  14. ZBoater macrumors G3

    ZBoater

    Joined:
    Jul 2, 2007
    Location:
    Sunny Florida
    #14
    Yes, you can passcode lock your iPad remotely through MobileMe.
     
  15. jtara macrumors 65816

    Joined:
    Mar 23, 2009
    #15
    Maybe I'm misunderstanding the terminology.

    You can SET a passcode remotely if your iPad doesn't already have a passcode. (Or change it if it does.)

    You can't remotely "passcode-lock" it. By "passcode lock", I mean that the attempt count has been exceeded and the iPad is now disabled for a time period or wiped.

    From context (assuming those are real emails) Apple seems to refer to setting a passcode as "passcode lock". So, if somebody is just being nasty, they first set a passcode, making it impossible for you to access your iPad, then wiped it. Doesn't make sense why anybody would do this, without trying to extort some money for unlocking it. (Which may come eventually - perhaps they will offer to restore the non-existent data.)

    If it's an attack, seems most likely it occurred on your PC, and wiped the backup as well. Mac or Windows?
     
  16. mntentman thread starter macrumors regular

    Joined:
    Jan 15, 2007
    #16
    jtara, I don't get it. Trolling? If those emails are real? I'm not sure what I would be trolling for. Trust me, this is all real. I have been dealing with the hacking all day.

    Here is the article... http://edition.cnn.com/2010/OPINION/03/28/greene.email.scam/index.html

    You can remotely set the iPad to lock and give it a password. Call if whatever you want. I assume this is what happened, but it was really a moot point because the next action was to wipe it remotely. I assume this happened through mobileme online.

    Nobody in my house had access to the iPad. They didn't do it. The guy who hacked my email account and sent out emails to everyone in there is the one who did it. Why is that so hard to believe? Why would I make this up?

    Yes, I am the original owner.
     
  17. ZBoater macrumors G3

    ZBoater

    Joined:
    Jul 2, 2007
    Location:
    Sunny Florida
    #17
    You can also remotely wipe your iPad. You are correct, you cannot enter a code remotely 10 times to wipe it, but you can set a code AND you can remotely wipe the iPad.

    So, if someone is wanting to be a bad person (insert proper term here :D ) then they could passcode lock you just to be spiteful, and then when they got tired just wipe the thing. There is a special place in Hell for these people... :mad:
     
  18. killerrobot macrumors 68020

    killerrobot

    Joined:
    Jun 7, 2007
    Location:
    127.0.0.1
    #18
    That article is from March 28th and mentions nothing about iPad, mobile me, nor remote data wipes.
    People's accounts do get hacked, but this is the first I've heard of a mobile me account and an iPad - which is probably why so many people here are quite incredulous of your story.
     
  19. andiwm2003 macrumors 601

    andiwm2003

    Joined:
    Mar 29, 2004
    Location:
    Boston, MA
    #19
    if I was the scammer I would want the spam to work as long as possible. that means I have to keep you from using the email account as long as possible.

    If you are at home I would try to infect and crash your computer.

    In case you are on the go I would need to disable your mobile devices. Wiping your iPad and iPhone seems a reasonable way to keep you from using your mail account and warning your friends.

    Disabling the breaks on your Toyota and get the gas pedal stuck would be another way.

    Hackers are vicious and unfortunately there is some logic in wiping your iPad. Hope you get everything set up soon. Sorry for your trouble......
     
  20. antiprotest macrumors 65816

    antiprotest

    Joined:
    Apr 19, 2010
    #20
    OK. I read the CNN article.

    Your first post said, "My MobileMe account was hacked, the scam was the same that is being reported on CNN."

    I thought you meant that your account was hacked as a result of falling for a scam. But it seems what happened was that your account was hacked (some other way) in order to carry out the scam. Is that right?
     
  21. mntentman thread starter macrumors regular

    Joined:
    Jan 15, 2007
    #21
    Antiprotest, you are correct.

    killerrobot, I see your point, but trust me. Maybe it hasn't happened before, but it has now. (I guess I don't see the point of someone making this up. Maybe there is a point, but I don't see it.)

    My concern remains if this was an effort to restore my iPad data to another iPad. I really don't think that's the case... but the only thing that continues to worry me is the listing of two iPads on the Find My iPhone page. Could be a glitch in that I basically had to start over with this one, maybe that grayed out iPad is this one in its old configuration... but I want to make sure it is not my data on some other iPad that is showing up as mine. Apple has not been a help as of yet.
     

    Attached Files:

  22. John Paul macrumors member

    Joined:
    May 10, 2010
    Location:
    Washington DC
    #22
    As for why the person who stole your MobileMe info wiped the iPad, it could have been pure malice, or it could have been an intentional move (as andiwm2003 said above) in order to make it as difficult as possible for you to attempt to address the problem.

    However, it would be impossible for anyone to remotely delete the iPad backup off your computer--unless they had physical access to your computer, or the ability to control 100% of your computer operations remotely (which would mean they have a LOT more than just your MobileMe account info). Because your iPad backup is not kept in MobileMe, it is kept on your hard drive. No access to hard drive = no ability to delete your iPad backup. So either someone was physically in the room with your computer, using it, or else someone had full access to your computer remotely--do you have a home wireless network with NO password protection, etc? That's the kind of access it would take.

    And if someone who was out for money (as the scam would indicate) had that kind of access to your computer, then I would think they would have 1001 things they would consider a higher priority to do than wipe your iPad backup off your hard drive. They'd be looking for financial/bank records, credit card numbers, etc.

    Are you SURE the iPad backup isn't still there? What message do you get when you plug the iPad into your computer and fire up iTunes?
     
  23. ZBoater macrumors G3

    ZBoater

    Joined:
    Jul 2, 2007
    Location:
    Sunny Florida
    #23
    If a strange iPad shows up on your MobileMe, you can delete it. Worst case scenario the hacker used your MobileMe account to register another iPad, which would make no sense (but hackers dont need sense). Just delete all the iPads from your MobileMe account, change the password to something secure, and then re-add the one iPad you do have.

    In order to setup an iPad with MobileMe you would need the MobileMe ID and password. Once you delete the iPad from MobileMe and change the password, a strange iPad shouldn't be able to show up on your Find My Iphone page anymore.
     
  24. mntentman thread starter macrumors regular

    Joined:
    Jan 15, 2007
    #24
    I suppose it's possible I did not have an iPad backup on my computer. I could swear it backed up when I plugged it in, but could be confusing with iPhone. When it was remotely wiped and I went to set it up, I had no iPad listed, just an iPhone. Restored from that just to see, but it was of course the iPhone info.

    John Paul.... home network locked down pretty good so I am sure no accessing from that direction.

    Have to believe my Mac was not accessed, just my MobileMe account.
     
  25. DataThief macrumors member

    Joined:
    Jul 30, 2007
    Location:
    Somewere in Washington State
    #25
    I have had this talk with my nieces, Do Not Believe everything you read in emails. People these days seem to think that anything in a email is absolute truth. A few questions by return email or a simple phone call is all it takes.

    Believe nothing, Verify everything.
     

Share This Page