Extortion scheme based on ransom requests hits Australian Apple users

Cybercriminals have targeted a large number of Apple’s iCloud users in Australia with a sophisticated extortion scheme based on ransom requests.

2013 is considered the year of ransomware; the number of infections related to this kind of threat reached levels never seen before.
Cryptolocker is without doubt the most popular malware of this type, but many other agents have infected Windows users worldwide, such as LinkUP, a ransomware that blocks victims’ Internet access by modifying their DNS settings.
As security experts expected, the ransomware threat is migrating to mobile platforms. Last week a malware campaign targeting Android mobile users was discovered, and this week news is circulating that cybercriminals have targeted a large number of Australian users of Apple’s iCloud with a sophisticated extortion scheme.
Apple users were targeted by a ransomware-like attack that locked iPhones, Macs and iPads through iCloud and displayed a message, originating in Apple’s find my device service, that stated “Device hacked by Oleg Pliss”.
Following a well-established extortion scheme, the criminals demand a ransom of up to US$100, sent to a specific PayPal account, to unlock the device.
“I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me,” a victim of the new ransomware wrote on the Apple Support Forum.
In reality, Apple users are not facing a classic infection of their devices. The attackers allegedly hijacked Apple’s Find My iPhone feature, which lets them remotely lock iOS and Mac devices and send messages demanding ransom money.
The cybercriminals are using compromised iCloud accounts that were likely not protected by two-step verification; for these accounts, stolen credentials alone are enough to gain access to the devices.
In this attack scenario, the only way for owners to recover an Apple device is to reset it in “recovery mode”, but this process erases all data and applications stored on the device.
Lessons learned
  • Turn on two-step verification for your Apple ID (see Apple’s support page).
  • Never pay the ransom. In this specific case, a PayPal spokesman confirmed that ‘There’s no PayPal account linked to hacker email addr and any customer who has sent money will be refunded’.


(Security Affairs –  Ransom, cybercrime)

Pierluigi Paganini: Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.
