The Hacker News reports that two young hackers from Russia have been arrested following an investigation into recent cyber attacks against iPhone owners. These attacks mostly affected users in Australia and New Zealand, and used a phishing scheme to gain user account information. After gaining this information, the hackers took advantage of Apple’s Find My iPhone feature to lock down users’ devices.
From The Hacker News:
Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ‘Apple’s Find My iPhone’ service to hold iOS devices for ransom.A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in “blocking of Apple devices to extort funds,” claims the press release on the Russian Interior Ministry’s website on Tuesday.It was first assumed that Apple’s cloud storage service, iCloud had been compromised in the Oleg Pliss attack, because the hackers were able to send out notifications via the Find My iPhone feature, while Apple denied that their cloud storage service was not compromised and that the affected users’ login details must have been compromised elsewhere.
As is often the case, even the best security can be derailed due to user error. This is just another reminder that everybody needs to be careful where they enter their account information online.
The good news, is that the Hacker News also outlines how users can regain control of their devices without paying the ransom:
However researchers said, victims can still recover their devices by resetting their devices in “recovery mode” followed by a restore from a backup by connecting to iTunes, but in process they would lose apps and data stored on the device.
Hopefully losing their selfies and high scores on Flappy Bird will act as chilling reminder for people to be more careful with their personal data.
Source: The Hacker News
Last Updated on November 27, 2018.
