Stolen Apple IDs Used to hold iDevices for Ransom
Securityweek.com reported on 28th May, 2014 stating that cybercriminals are using stolen Apple details to lock iPhones, ipads and Macs and holding their users for ransom.
Most victims are located in Australia and New Zealand but it has been reported that some victims are from the United States also.
The attackers are compromising Apple IDs and using it to gain access to Find My iphone feature in iCloud enabling Lost Mode which allows owners to lock a lost or stolen device and send a message to the person who is possessing it.
The message sent to locked devices read as "Hacked by Oleg Pliss."
Securityweek.com reported on 28th May, 2014 quoting Satnam Narang, Security Researcher of Symantec explanation as "Oleg Pliss is the name of an Oracle software engineer whom cybercriminals mostly chose at random."
Victims are asked to pay 100USD/EUR via MoneyPak, Ukash or Paysafecard to get their devices unlocked.
Australian boards are still abuzz with (largely inconclusive) speculation in the aftermath of this incident. Neither fanbois nor security experts could find out the reasons for such attacks although there are many potential theories for this.
One of the common theories is that the hackers managed to gain access to Apple accounts because some users shared the same credentials for many accounts and some of which might have been exposed due to phishing campaign in the past.
Another theory says that there is a popular service in Australia and New Zealand which perhaps been hacked exposing shared password that were also being used to secure Apple IDs.
Having a unique password for different programs has become very important due to hacking at Abode and eBay. If part of iCloud's user base was hacked or some of its users used the same password for other services and were breached then it could echo that sentiment further.
Although Apple has not commented on this issue publicly and emails to the company were not returned on Tuesday, 27th May, 2014 but it is not a bad idea for users of iPhone and ipad in Australia and New Zealand to change their iCloud passwords even if they have not been attacked by the ransomware.
» SPAMfighter News - 06-06-2014