Hacker hijacks Apple devices remotely, asks for ransom
Posted on 27 May 2014.
An unusual case of cyber extortion has been spotted in Australia: Apple device users in Queensland, NSW, Western Australia, South Australia and Victoria have been woken up to messages displayed on their devices saying they have been hacked.


The message says that the hacker is one "Oleg Pliss", and that they should send $50 (or alternatively "$100 USD/EUR") to a PayPal account in order to get their devices unlocked.

So, what happened? And why have only Australian users been targeted?

Well, it seems that no actual malware is involved, and for now the most likely explanation is that the attacker has somehow gotten hold of the victims' iCloud login credentials and used them to remotely lock their devices with a passcode via the "Find My iPhone" feature.

Users who have been faced with this problem are advised not to pay the ransom and to contact Apple directly to be advised on how to unlock their devices and regain access to their iCloud account.

It's interesting to note that victims who had already set up an access passcode on their devices have seen the ransom message, but are able to regain control of their devices by simply inputting that passcode.

Apple has yet to officially comment on the matter, but a PayPal spokesperson has confirmed that there is no PayPal account linked to the email address given by the hacker, and that the money already sent by the victims will be returned to them.

The curious name used by the attacker is more than likely an alias, but it's interesting that it's also the name of a well-known software engineer working for Oracle.

All in all, I'm inclined to think that this attack is more of a prank than anything else. If you were the attacker, would you give out the email for an existent PayPal account? Or, alternatively, would you use a PayPal account at all?

The question remains how he (or she) managed to get the iCloud account login credentials. My bet is on some Australian service having been hacked and the attacker trying out the harvested login credentials against the iCloud service, relying on the fact that at least some of the users will have used the same ones for both.









Copyright 1998-2014 by Help Net Security.