iPhone kidnapping? What to do if your device gets hijacked.

Dozens of iPhone and iPad users have received strange messages on their Apple devices, digital ransom notes that demand payment in order for the device to be unlocked. Who is behind it and what should you do if your device gets kidnapped?

|
Aly Song/Reuters/File
A man looks his an Apple iPad in front an Apple logo outside an Apple store in downtown Shanghai. A string of Apple device 'kidnappings' has security experts scratching their heads. Here is what to do if your iPhone is held for ransom.

The ransom note pops up like any other digital message on a locked iPhone screen. “Hacked by Oleg Pliss. For unlock device YOU NEED send voucher code by 100 $/eur one of this (Moneypack/Ukash/PaySafeCard) to helplock@gmx.com i sent code 2618911226.”

That was the message Australian iPhone user @Greta_Tar tweeted earlier today after she realized she was the latest victim of a security breach that is kidnapping Apple devices through a flaw in the Find My iPhone feature. Though an odd phenomenon so far mostly found in Australia, the hack does highlight an alarming breach in a system meant to ensure security for an Apple device. What’s the deal?

The Find My iPhone app has saved countless stolen and misplaced Apple devices. When a users can’t locate his or her device, he or she can log into iCloud to track the device’s location. Users can also lock the device and leave a message such as “This iPhone has been lost, please call this number if found.”

The hacker, so far only identified as Oleg Pliss (though whether that is the actual name of the hacker remains to be confirmed), has seemingly found a way to infiltrate the lock and message part of the app, locking the screen and leaving a digital ransom note. So far Apple has not released any information about the apparent hack, though complaints have popped up on Twitter and there is an Apple support thread discussing the issue. So far, a few dozen people in Australia and New Zealand and one person in the United States have claimed to have been hit. While some lock-screen messages demanded a PayPal payment, The Sydney Morning Herald reported that a PayPal spokesperson says there is no account linked to the e-mail address provided and any money sent as a result of the scam would be refunded.

With Apple remaining mum on the issue so far, tech experts have offered a few opinions as to what could be the culprit. Troy Hunt, an IT security expert, told the Herald, "It’s quite possible this is occurring by exploiting password reuse. Regardless of how difficult someone believes a password is to guess, if it's been compromised in another service and exposed in an unencrypted fashion, then it puts every other service where it has been reused at risk.”

In other words, if a password or other information was compromised through another flaw (recent examples include eBay, Heartbleed, and Target), a hacker could have access to passwords or other private information used for authentication purposes. This information could be used to access iCloud. He says it is key to use two-factor authentication to dissuade this type of vulnerability.

“Of course it also suggests that two-factor authentication was likely not used as the password alone wouldn't have granted the attacker access to the iCloud account,” he says.

Otherwise, possibilities include a man-in-the-middle attack, in which a hacker intercepts communication between iCloud and devices through an Internet Service Provider attack, or perhaps iCloud itself has a flaw. Nothing can be confirmed yet; Apple has not publicly made a statement.

What can Apple users do if faced with this attack? If users have a four-digit passcode, they can unlock their device using their passcode. If they don’t, they can restore their device to the last time it was backed up (which, be warned, may result in some loss of data that hasn’t been backed up). Otherwise, they can always bring it to an Apple store. To be safe, iCloud users may want to change their password to prevent future vulnerability.

This news comes in a particularly difficult year for private companies, as news of a new hack seems to pop up almost weekly. Most recently, eBay was hit with a major attack that left more than 145 million customers’ passwords compromised.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to iPhone kidnapping? What to do if your device gets hijacked.
Read this article in
https://www.csmonitor.com/Technology/Horizons/2014/0527/iPhone-kidnapping-What-to-do-if-your-device-gets-hijacked
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe