Many Australian Apple device owners were in for a nasty surprise yesterday, after receiving a ‘ransom’ notification that read: “Device hacked by Oleg Pliss. For unlock device…”Once the notification was clicked, the message would display the hacker’s demand – ranging anywhere from $50 to $100.
To date, the hacking seems to have been limited to just Australia and New Zealand; however, this doesn’t bode well for Apple’s security measures.
While it doesn’t look as though malware plays a part in this attack, there appears to be traits similar to that of the Cryptolocker malware that did the news rounds last October – after encrypting a computer hard drive and demanding a ransom of $300 to be made in bitcoin within 100 hours.
Cybersecurity site, Stay Smart Online, has advised all Apple owners to change their Apple ID password in the first instance – even if their devices weren’t compromised.
“Reports by affected users suggest that this attack is possibly the result of hackers compromising the device owner’s Apple ID and using this to access their iCloud account,” explained the firm.
“A hacker with access to your Apple ID can potentially lock any device associated with it remotely, they can see data you have stored in iCloud, access your Apple Store purchases and potentially set up two-step verification (also known as two-factor authentication) on your device, locking you out of your phone completely, and even remotely erase your device.”
Any Apple device owners who have had their smartphone, tablet or computer affected should not give into the hacker’s demands. Apple has procedures to help users bypass the lock – but it means resetting the device which would result in deleting any information that’s not been backed up. Stay Smart Online has also stated that Apple has managed to help some owners recover their device.