Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Apple devices held hostage using Find My iPhone


  • Please log in to reply
2 replies to this topic

#1 buddy215

buddy215

  • BC Advisor
  • 12,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:29 PM

Posted 27 May 2014 - 08:45 AM

SOURCE: Apple devices held hostage using Find My iPhone | PCWorld

Go to articles linked for more info...

 

........Hackers appear to be exploiting Apple’s “Find My iPhone” service to lock up phones and tablets and send ransom demands to their owners.

A number of reports on Apple’s support forum tell of devices displaying messages that they have been hacked by “Oleg Pliss” and demanding payment of a US$100 ransom via PayPal to unlock them. Most of the reports were from Australians but there were also reports from a Briton and a Canadian.

The hackers seem to have used the “Find My iPhone” feature or its equivalent for other Apple gadgets to lock the devices and send the message, according to the forum posts that were first highlighted by Australian newspaper The Age.........


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


BC AdBot (Login to Remove)

 


m

#2 Darktune

Darktune

    Very Purple


  • Members
  • 1,139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales
  • Local time:04:29 AM

Posted 27 May 2014 - 08:49 AM

This is a shame. Hopefully they get their devices back to normal functionality. 


It's very hard to imagine all the crazy things that things really are like. 

Electrons act like waves.. no they don't exactly, they act like particles.. no they don't exactly.

Words and ideas can change the world.


#3 smax013

smax013

  • BC Advisor
  • 2,326 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:29 PM

Posted 27 May 2014 - 11:39 AM

Seems that one big lesson from that thread on the Apple site is to set a passcode for your iOS devices, which I have always done. For those that did this, they could get back into their devices without having to wipe them. This does not help anyone after the fact, however.

It is unclear to me if you can do something similar with a Mac. It appears a firmware password does not serve the same purpose as there is a note/disclaimer in Apple's tech note on using "Lost Mode" that setting up a firmware password on a Mac and then having it locked with Find My Phone would result in one needing to take it to an authorized repair center to unlock it. I cannot tell if the normal user password would serve this function. I may have to experiment with things a bit.

The other worthy suggestion from the thread is to setup two factor authentication with one's iCloud account. Of course, that will not help anyone after the fact either. I have to admit that I am a bit leery about this. I am leery in general of two factor authentication. Yes, it is good from a security point of view, but depending on how it is implemented, it has the potential to be a real pain from a usability point of view. In the case of an AppleID, it seems like it does not really interfere with the usability aspect as you only need to use it to change a password or other details of your AppleID account or to make a purchase on a new device (assuming you use that AppleID to make purchases). The part that makes me leery with respect to an AppleID is that Apple explicitly states that if you get locked out of your AppleID with two-factor authentication turned on, then there is nothing they can do to help you. I understand this is to prevent "social engineering" ways of calling into Apple and tricking Apple employees to allow access to your account, but it seems to be a bit overboard.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users