iOS ransom hack spreading to US

The iOS ransom hack that began targeting users in Australia and New Zealand is also affecting those in the United States and other countries.

The hack began this weekend with a number of victims in Australia seeing a “Find My iPhone” service message that locked them out of their iOS devices and claimed that a $100 ransom must be paid to a PayPal account in order to regain control of the device.

This hack appears to have stemmed from compromised security credentials for Apple’s iCloud services, though how the credentials were obtained by third parties is so far unknown. While at first it was suspected that only devices without a security passcode were affected, devices with passcodes have been affected as well. One common thread among these accounts appears to be that their access codes were set up as part of the Find My iPhone iCloud service, rather than before this service was enabled.

While initially users from Australia and New Zealand were affected, several people from the US have also seen their devices locked with the same message, suggesting the attack may affect others until Apple is able to get a handle on it, or until users properly secure their iCloud accounts.

Right now, the best course of action for anyone concerned about this is to change the password for the Apple ID they use with their iCloud accounts. This can be done at Apple’s Apple ID management site. If your iPhone or iPad has been compromised, then do not pay any ransom, and instead reset the device and restore it from a backup. Before doing so, be sure to back up your device to iTunes.

As a final security precaution, for now you can turn off Find My iPhone in your iCloud account, until the root of this problem has been found and corrected.

6 thoughts on “iOS ransom hack spreading to US”

  1. MaX

    It seems that the hack is related to eBay stolen password data, so people that had iCloud email and used the SAME password on both sites are being hit:

    Australian Apple users held to ransom by Find My iPhone hacker

  2. B. Jefferson Le Blanc

    Topher, in your second paragraph you wrote “…a number of victims in Australia seeing a “Find My iPhone” service message that locked them out of their Macs….” Did you mean iPhones? I don’t recall any other mention of Macs here. It would be even bigger news if it locked people out of their Macs as well as iPhones and iPads.

      1. Strod

        Topher, the screenshot you included in the original article seems to be of a Mac, and the MacRumors article on the subject says that it is an iMac. If the problem is indeed linked to compromised iCloud passwords, it may affect Macs also: there are options to lock and to erase Macs also in the “Find my iPhone” section of iCloud, though of course I haven’t tested them.

        Since you have better contacts and access to info than pretty much anyone else here, can you please verify if the problem is iOS-only?

  3. Arial “Air” King

    I don’t think setting a password makes everything go off beautifully. Some hackers easily gain access to a Wi-Fi connected iPhone when it’s jailbroken if they try the default root password; 80% of jailbreakers know nothing about the root password configuration after their jailbreak!!! Some users even install spy apps like ikeymonitor to steal the unlock pass-code when the device is jailbroken. We are not living in a safe world protected by passwords.

    But it is at least safer than no password. In normal cases, a password is a protective and useful shield, even if it is weak to some extent.
