Freshly squeezed news brought to you from
a desktop somewhere around the world.

Ransomware hijacks Aussie Apple users – Users locked out of accounts.

Posted by FreshCare Support

A number of Australian Apple customers have this morning reported being locked out of their devices and prompted to send up to US$100 to a suspected hacker in order to have them unlocked.

All the affected customers revealed that their Apple products – phones, tablets, laptops or desktops – were connected to Apple’s iCloud services.

The users claim to have been presented with a message alert stating their device had been hacked, accompanied by a demand for US$100 for the hacker to unlock it.

The hackers appear to have gained access to user iCloud accounts and put the device into lost mode with a changed or new password using Apple’s ‘find my device’ app.

However, as detailed in a flurry of posts to Whirlpool and Apple’s support forum, affected users found a workaround to access their devices by restoring the device from a backup within their iTunes account.

Such a workaround appears only to be effective for users who previously had a passcode on their devices.

Apple customers reported receiving the “hacked by Oleg Pliss” message in the early hours of this morning.

“To unlock it I was supposed to quote some code and there was a green call button below the message. At the same time I received email messages from the ‘find my iphone’ app (on my computer) saying that my phone had been lost, then found. I wasn’t sure if these were genuine or not,” one user stated.

The name Oleg Pliss is listed as an Oracle software engineer in the US and a banking professional in the Ukraine, among others. The issue has also been reported by a handful of New Zealand customers.

Apple has been contacted for comment.

What can you do to protect yourself?

• Change your Apple ID (iCloud) password

Can Anti-Virus Protect my device?

• No.  This ransomware is injected into your device via your Apple Account.

If I get it, will my anti-virus fix it?

• Unfortunately, once infected all your files are encrypted and the only way to recover is via a Restore from backup.  Make sure you have a current valid backup.

The above article originally appeared on ITnews.com.au: http://www.itnews.com.au/News/386550,aussie-apple-devices-hijacked-held-to-ransom.aspx#ixzz32su8nZnS