Replies

What is happening is the owners' passwords have been accessed through iCloud and their devices locked through Apple's Find My Device's normal locking service. The users' passwords have apparently been compromised at some other breach, for example, the recent massive security breach at eBay, and these iPhone, iPad and iMac owners, like many people, using the same password on iCloud they were using on eBay. The "hacker" has merely logged into their iCloud account and locked their devices!

It is imperative for Apple device owners to

1: change their passwords if they had an account on eBay and used the same password!

2: IMMEDIATELY set a pass code on your device! Owners with pass codes set could immediately UNLOCK and gain back control of their devices!

3: set iCloud to use the two level authentication before changes can be made.

PayPal states there are no accounts associated with the emails the money is to be sent. PayPal will refund any money sent to them for payment on this extortion attempt.

1 posted on 05/27/2014 10:42:08 AM PDT by Swordmaker

2 posted on 05/27/2014 10:42:50 AM PDT by al baby (Hi MomÂ…)

I don’t use iCloud with my Macs or my iPod Touch. My personal devices remain comparatively personal.

3 posted on 05/27/2014 10:45:20 AM PDT by Dr. Sivana ("I'm a Contra" -- President Ronald Reagan)

I hope law enforcement will go after these criminals with enthusiasm. I don’t have an iPhone, but I’d be happy to send the robbers to prison for a decade or more.

4 posted on 05/27/2014 10:47:47 AM PDT by Pollster1 ("Shall not be infringed" is unambiguous.)

5 posted on 05/27/2014 10:54:48 AM PDT by 867V309 (GOPe? NOPe!)

6 posted on 05/27/2014 10:54:48 AM PDT by 867V309 (GOPe? NOPe!)

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...

SECURITY ALERT!!! Scammers using passwords, perhaps stolen from the massive ebay breach last week, are using the fact that many people use the same password on multiple services to scam iCloud users! Hackers are logging onto iCloud users accounts with IDs stolen fron other breaches, then using the Apple "Find My Device" ability to lock iPhones, iPads, and Mac computers to do just that! They then hold the device hostage until $50 to $100 is sent by PayPal! NOTE, This is NOT a hack of the Ipad, iPhone, or Mac, but a theft of the users' user name and password which allows them to activate normal features of Apple service against the owner. . . Unless the owner has a local pass code set on his or her device! If you do, you can get control of you devices back immediately. —PING!

Apple SECURITY WARNING Ping!

If you want on or off the Mac Ping List, Freepmail me.

7 posted on 05/27/2014 10:54:51 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

Welcome Apple users to the real world, where your devices are constantly hacked.

9 posted on 05/27/2014 11:15:18 AM PDT by Jonty30 (What Islam and secularism have in common is that they are both death cults)

How to defend against Apple's Oleg Pliss iCloud attack
By Jonny Evans
May 27, 2014 7:50 AM EDT

Australian Apple device users are finding their iDevices locked by some hacker demanding cash. Here's how to defend yourself, and what to do if you've been hit.

There have been several high-profile attacks in which passwords and email addresses have been stolen -- principally, attacks on Adobe and eBay.

Those who use the same password across several accounts (ebay and iCloud, for example) are vulnerable. If that's you, then change your password for both accounts immediately. Stop reading this and change them now. (If you use the same passwords on other accounts you should also change those.) Use an original password for each account.

Change password eBay
Change password iCloud

Apple offers two-step verification for devices. Everyone should use this -- iCloud is already a central repository for contact, password, payment and other essential information. This means it makes absolute sense to make iCloud as secure as possible, and that means two-step verification. Read Apple's FAQ for information about this additional security layer.

The hacker who is attacking Australian users employs Apple's Find My iPhone service to lock devices and leave a ransom note on the display.

"iPad woke me at 4.30am with the message 'Your device has been hacked by Oleg Pliss'," a user said.

If you have a passcode for your device, then you don't have a problem -- just use the passcode to get into your device again, and change your iCloud password. Find My iPhone can only set its own code if you have not created your own passcode for the device.

If you've been hit

If you've been affected and already use a device passcode, just access your device using the code and change your password.

If you've been affected and are not using or have forgotten your passcode, then the nuclear option is to plug your device into your computer and run a Recovery Mode reset of your device. This will remove all your apps and data, but you can recover your most recent backup using iTunes, by following these instructions.

Some reports claim the following steps may help locked out users regain control of their device:

Turn off your device
Plug your cable into the computer, launch iTunes (but do not plug the phone via the cable at this point).
Press and hold the Home key on your turned-off phone (for about 10 seconds).
If nothing happens plug the cable into your device while continuing to hold the Home button.
Keep holding Home down until a picture of iTunes and a cable appear on the phone.
iTunes should see your device as an unidentified device
Select Restore Factory Settings. iTunes will download and install fresh software
The device will reset
You will be prompted to Restore the device, do this via iTunes
THROUGHOUT THE PROCESS YOU MUST NOT LET THE COMPUTER OR THE DEVICE ENTER SLEEP MODE.

Common sense

While this experience is incredibly unfortunate for those affected, it is important to note people would not be impacted to any great extent if they simply follow common sense security advice -- and it has to call into question just how many users of other platforms are also vulnerable through complacency?

Don't reuse passwords
Set a passcode on all your devices
Use two-factor authentication
Reset your Apple ID security questions and password immediately as a precaution.

Sophos adds:

Keep your devices up to data
Take extra care if you jailbreak your device

If nothing works, contact Apple support immediately. Apple did not immediately respond to queries on the matter.

11 posted on 05/27/2014 11:19:41 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)

I had something similar happen to my ipod about 2 weeks ago. It would let me do certain things but not all. So I wiped it all and rebooted from my weekly backup - problem solved. However, mine was not through iCloud as I don’t use that service.

I did have a passcode set and did not use the same on EBay.

The Find My Device application was installed and I was traveling in China at the time.

Interesting

12 posted on 05/27/2014 11:36:07 AM PDT by reed13k (For evil to triumph it is only necessary for good men to do nothings)

There’s a lot of that going on with just plain computers, too. A screen purporting to be the FBI pops up and says that you have been illegally downloading music or data, or viewing restricted porn sites, or some such other scam. It freezes your device and asks that you pay a fine by purchasing some sort of moneygram thing and entering the code number it gives you in a box.

17 posted on 05/27/2014 12:19:45 PM PDT by JimRed (Excise the cancer before it kills us; feed & water the Tree of Liberty! TERM LIMITS NOW & FOREVER!)

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794