New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Hackers Involved in Locking and Ransoming Apple Devices in Australia Arrested

Two weeks ago, hackers hijacked several iOS and Mac devices in Australia, remotely locking them via iCloud and demanding a ransom from the owner to get the device unlocked.

"Device locked by Oleg Pliss," read the hijacker's message, along with a demand for $50 to $100. Quite a few users were affected and while early speculation suggested iCloud may have been hacked, Apple confirmed that iCloud was not compromised, and that hackers had instead gained access to Apple IDs and passwords, likely through other site breaches where they used similar credentials.

australian_ios_device_hacked
The two hackers behind the attacks have now been detained by Russian authorities, reports The Sydney Morning Herald.
The hackers - aged 17 and 23 - were detained in the course of "operational activities" by the Russian Interior Ministry, Russia's Ministry of Internal Affairs said. They are both residents of the Southern Administrative District of Moscow and one has already been tried before, it said.
According to Russian site MKRU [Google Translate), the two hackers were caught after appearing on camera withdrawing a victim's ransom money from an ATM. The site also confirms the hackers gained access to Apple IDs and passwords via phishing pages and social engineering techniques, then used that information to lock devices. Russian users were also affected, which led to the investigation.

One method of obtaining login information involved a pre-owned account filled with movies and music that was sold to an unsuspecting victim. Once the person linked their own details with the account, it was vulnerable to being hijacked.

During the attacks, users who had passcodes enabled on their devices were able to bypass the hack, but those who had not previously set a passcode were out of luck, requiring a full reinstall of iOS. Apple recommends using a passcode with iOS devices, as well as two-step authentication, which can help thwart attacks like this one.

Top Rated Comments

(View all)

19 weeks ago
May they be hanged
Rating: 10 Votes
19 weeks ago

...now give them a job in cupertino and get our devices safe.


lol? they didn't hacked or breach Apple security, they used simple phishing scamming scheme and found some stupid ppl who doesn't care about their protection while using passwords like 123456...
Rating: 9 Votes
19 weeks ago
YAY! Now with todays technology, find the missing Malaysia plane!
Rating: 7 Votes
19 weeks ago
ArrestGate!

People are being arrested because of Apple's security fail!1!

Apple si d00med!
Rating: 7 Votes
19 weeks ago

ArrestGate!

People are being arrested because of Apple's security fail!1!

Apple si d00med!


No, they tricked the users into giving up their passwords.

But who cares? If you have a recent backup you can simply re-set the phone. It's stupid to pay a ransom.
Rating: 6 Votes
19 weeks ago

...now give them a job in cupertino and get our devices safe.


That would be both immoral, dangerous, and pointless. They are criminals blackmailing people. You'd never in a million years hire them. And they don't actually know anything about making devices secure.
Rating: 5 Votes
19 weeks ago
This title is totally misleading. They were not hackers. This is what it should read.
"Phishers Involved in Locking and Ransoming Apple devices in Australia Detained."

----------

its crazy how someone can be so smart to hack or phish information and hijack a computer....yet walk up to a bank machine that has video surveillance and withdraw the money they stole....


Phishing requires very little intelligence. It requires stupidness on the part of the Phishee.
Rating: 5 Votes
19 weeks ago

ArrestGate!

People are being arrested because of Apple's security fail!1!

Apple si d00med!


No, they tricked the users into giving up their passwords.

But who cares? If you have a recent backup you can simply re-set the phone. It's stupid to pay a ransom.


Read the article. People purchased an already in use account.

"One method of obtaining login information involved a pre-owned account filled with movies and music that was sold to an unsuspecting victim. Once the person linked their own details with the account, it was vulnerable to being hijacked."
Rating: 4 Votes
19 weeks ago
Send them to a Gulag! Let them lose their youth in confinement and forced labor.
Rating: 3 Votes
19 weeks ago
There's also a lot of torrent files that iTunes users upload and when you look at the detailed information it also lists their iTunes ID/email. That's totally their own fault though if they're sharing something with their own account.
Rating: 3 Votes

[ Read All Comments ]