Mac, iOS devices remotely locked through Find My iPhone – How to protect yourself
A number of Mac, iPhone, and iPad users in Australia are reportedly finding their devices remotely locked through Apple's Find My iPhone service by someone called "Oleg Pliss."
The hacker(s) demand payments of $50 - $100 to restore the devices to their rightful owners. Affected users are required to deposit that sum into an anonymous PayPal account.
"I was using my ipad a short while ago when suddenly it locked itself, and was askiwhich I'd never previously set up. I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me," one user wrote on Apple's Support Forum.
"I have no idea how this has happened. I am not aware of having been exposed to malware or anything else, although i did recently purchase some new apps - perhaps one of these has something to do with it? I don't know. I am not sure what avenue has been used to reach my devices - I'm about to use my husband's laptop to check through some of my accounts (gmail, etc) and see if there is any clue there."
According to user reports, the hacker(s) locked all devices from a user, not just a single device per user. Considering that this "Oleg Pliss" is taking over users' devices through Find My iPhone, the hacker most likely gained access to users' iCloud accounts.
On the other hand, Find My iPhone can only be used to set a passcode to devices that don't have one set already. This means that victims who were locked out through Find My iPhone are able to regain access if they had set a passcode on their devices. Once a passcode is set for a device, it cannot be changed from Find My iPhone, it can only be changed or removed from the actual device.
"Because I had a passcode set up on my phone, I got back in using that passcode and it's all fine now. However my other devices didn't have a passcode so they are still locked," wrote another user.
Users who didn't have a passcode set and were affected by this hack will have to contact Apple to resolve the issue. Once you've regained access to your iCloud account, it is strongly recommended to reset your Apple ID password, as well as the associated security questions.
Recommended Steps to Boost Security
To avoid such risks, it is advisable to use unique passwords. Using the same password for several different accounts (iCloud, Facebook, PayPal, Twitter, and so on) puts all of those accounts at increased risk, as an attacker who gains access to the password can then compromise all accounts with said password. If using different passwords for each account sounds too hard to manage, you can always rely on a specialized app specifically designed for such purposes.
Using two-factor authentication whenever possible is also highly recommended, as it significantly increases an account's security. This process requires users to enter a time-sensitive code in order to log in an access an account.
Lastly, if you don't have a passcode set for your iOS device already, now would be a good time to set one. As explained above, this will prevent hackers from adding a passcode through Find My iPhone to lock you out.