
Summary:

Owners of iPhones and iPads in Australia are reportedly being locked out of their devices until they pay a ransom. The hack takes advantage of Find My iPhone, although the cause is likely account credential theft and not the software.


A number of iOS owners in Australia have lost access to their devices courtesy of a digital hack, according to The Age. The first incident appeared on an Apple support forum on Monday and was soon followed by dozens more. Owners of the iPhones and iPads are finding that their devices are locked and will only be unlocked if they send money to a specific PayPal account. While the original issue was constrained to Australia, a U.S. iOS device owner claimed to have been hacked in the same manner on Tuesday.


The hack appears to be related to Apple’s Find My iPhone app, which assists in finding a lost device. It’s not clear whether the hacked devices are locked due to an exploit in the app or because the hackers have access to certain iCloud or Apple accounts. The devices can be unlocked through a factory restore process, reports one forum poster who worked through this process with Apple support:

“Turn off your phone. Plug your cable into the computer and have iTunes up (do not plug into the phone yet). Press and hold the home key on your off phone (I did mine for about 10 seconds). If nothing happens, plug in the cable into your phone (keep holding the home key). What you want to see come up is the picture of iTunes and cable on the front of the phone. Your iTunes should then recognise the phone as an unidentified phone. Select restore factory settings (it should download some software) ~15 mins and automatically install.

The phone should go through some of the standard reset screens (usually black screen with Apple icon and loading bar). You will be prompted to restore the phone…. do this from iTunes not the phone. Throughout this process you must not let the phone or computer go into sleep mode…. and don’t disconnect.”

We’ve reached out to Apple for comment and will report back with any response. Given the recent rash of online account theft (think eBay just five days ago), my suspicion is that this issue may be related, as some people still use the same account credentials for multiple services. One of the affected forum posters in fact noted that he did use the same ID and password for both eBay and Apple’s iCloud service.

  1. So secure! Not like that hacker beset Android!

  2. Yeah, it’s really unfortunate that the weak link in Apple’s security is the user.

    1. O’rly? The user is the weak link? Not the iCloud security that is shitty and was broken? Hahah, fanboism is obscuring your clear vision of the situation.

      1. The security was not broken; they are using credentials that were gathered from the Heartbleed SSL bug that has nothing to do with Apple security.

        1. If it had nothing to do with Apple security then other OS’s would be getting hacked too. Blaming users with a product that claims to just work seems odd to me.

  3. Seems to me that the first step ought to be to change iCloud / Apple password, so the user doesn’t fall prey (again) to the same hack…

  4. WTF… This is revolution guys.. Just a start.. More’s got to come soon. I am a member of modulates and pretty much recommend it without reservations if you want to use video. It’s creating MLM direct sales which means income. But try it yourself, let me know if you agree.
