
Australian iPhone and iPad Users Waylaid By Ransomware

Posted by timothy
from the beware-the-jabberwock-my-son dept.
DavidGilbert99 (2607235) writes "Multiple iPhone/iPad/Mac users in Australia are reporting their devices being remotely locked and a ransom demand being made to get them unlocked again. However, unlike PC ransomware, the vector of attack here seems to be Apple's iCloud service with the attacker getting to a database of username/password credentials associated with the accounts. It is unclear if the database was one of Apple's or the hacker is simply using the fact that people reuse the same password for multiple accounts and is using data stolen from another source. Apple is yet to respond, but there has already been one report of the issue affecting a user in the UK."
  • by Sockatume (732728) on Tuesday May 27, 2014 @10:21AM (#47099151)

    Apple do have two-factor authentication these days. If you have that enabled, anyone attempting to log on to your account has to have access to one of your devices or one of your fall-back accounts. Frankly, that should be turned on by default.

    My new rule of thumb is that anything I don't have protected by two-factor is something I can afford to lose access to. That's not to say that two-factor is a panacea - it's very easy to set it up so it's useless by, for example, giving a less-secure email address as a fall-back - but it's the minimum for anything I care about.

  • by Sockatume (732728) on Tuesday May 27, 2014 @10:23AM (#47099173)

    Maybe this was a proof-of-concept hack and they didn't want to take the risks involved in setting up an actual PayPal account they could extract money from until they were sure it worked?

  • by tlhIngan (30335) <slashdotNO@SPAMworf.net> on Tuesday May 27, 2014 @12:22PM (#47100131)

    What does this have to do with Apple using or not using OpenSSL? Right now the source of the attack is unknown, but speculation is that people reuse their username (email) and passwords from other sites that have been compromised. So if someone has a list of Yahoo credentials from Heartbleed, they might be able to take over someone's Apple account regardless of whether Apple used or did not use OpenSSL.

    Hell, it could very well be a phishing attack - a couple of months ago I was getting a ton of "Apple ID confirmation" and other crap email asking you to "verify" your Apple ID with Apple.

    It's slowed down or gone now, but that could also very well be the problem. (Yes, those phishes were pretty obvious, but some were quite good).

    Heck, I've gotten them in FRENCH, too. That one was interesting. (In Canada, the typical standard is one email in both English and French, but this was French only).

    I wouldn't be surprised if this wasn't the result of said phishing attack.
