Apple iCloud users urged to change passwords
Owners of Apple devices are having their accounts blocked and are receiving ransom demands from hackers who appear to have compromised Apple’s iCloud security.
iPhone, iPad and Mac users in many Australian states have reported having their devices hacked followed by demands for a ransom to unlock the devices.
The problem appears to have also spread to the US in the last 24 hours.
The federal government’s Stay Smart Online website and the NSW Police have released warnings that suggest Apple users change their passwords as soon as possible. Stay Smart Online says that with the possibility that this attack is linked to the ‘Apple ID’, affected users are advised to change their Apple ID password as soon as possible. It also says that users not affected should also consider changing their Apple ID password as a precaution.
“At present, many users are reporting that their phones or systems lock unexpectedly, they receive an email from ‘Find My iPhone’ and a message on their screen stating that their device has been ‘Hacked by Oleg Pliss’,” says the Stay Smart Online alert. “The message said that to unlock their device they should pay a ransom via PayPal, emailing the payment code to lock404[a]hotmail.com.
“Reports by affected users suggest that this attack is possibly the result of hackers compromising the device owner’s Apple ID and using this to access their iCloud account. From their iCloud account a hacker can activate the device’s ‘Lost Mode’ and possibly reset the phone’s access code.”
Stay Smart Online says affected users should take the following steps:
- Do not pay the ransom.
- Change your password for your Apple ID. You can use your Apple ID to recover your device(s) if it has been locked by the hacker.
- Switch off Lost Mode via iCloud.
- If the hacker has set a new passcode lock on your device, you may be able to bypass this by using one of the methods suggested by Apple; however, you should note these involve either erasing, resetting or restoring your device from back up (if you have one).
- Set up two-step verification for your Apple ID. Turning on two-step verification reduces the possibility of someone accessing or making unauthorised changes to your account information. Two-step verification requires both your password and a separate verification code sent to your phone (or other trusted device) in order to log in.
- Affected users should contact Apple directly for more information. Apple has been able to help affected users recover their devices.
Strategies for navigating Java vulnerabilities
Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...
Not all cyber risk is created equal
The key to mitigating cyber exposure lies in preventing breaches before they happen.
How AI can help businesses manage their cyber risks
Artificial intelligence can be a powerful ally in the fight against cyberthreats.