From last few years Ransomware malwares are targeting Windows users Worldwide and experts predicted that it was just a matter of time until ransomware would hit mobile devices and other Desktop operating systems like Mac, iOS, Android etc.
A Few weeks back we reported about a Ransomware malware campaign which is targeting Android mobile users. Such Malware first try to trick users into downloading it and then demanding payment to restore user control of the device.
This morning reports came out that cybercriminals have targeted a large number of users of Apple's iCloud connected devices with a sophisticated Ransomware in Australia.
The owners of iPhone, Mac and iPads are finding their devices locked remotely through iCloud and a message originating in Apple's find my device service that states "Device hacked by Oleg Pliss".
One user wrote on Apple Support Forum, "I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me."
The Locked Devices are prompting to send up to US$100 to a Paypal account of the suspected hacker in order to have them unlocked. But we urge our users not to send money to the given account, as PayPal spokesman confirmed that, 'There's no PayPal account linked to hacker email addr and any customer who has sent money will be refunded'
HOW HACKERS LOCKED THE DEVICES?
This case is quite different because phones are not infected by any malicious application, but rather hackers allegedly hijacked Apple's 'Find My iPhone' feature, which allowed them to remotely lock iOS and Mac devices and send messages demanding ransom money.
It appears that Australian hackers are using compromised iCloud accounts, exposed in some recent security breaches and the hacked accounts were likely not using two-step verification. But those users who have set Passcode for a two-step verification on their Apple devices haven't fallen victim to this attack, because just account password will not be sufficient for hackers to gain device access.
Users can still recover their device by resetting the device in "recovery mode", but in this process you will lose all your apps and data stored on the device.
Apple has not yet officially commented on the issue but users are recommended to turn on two-step verification for their Apple ID with the directions available on Apple's support page.