Hackers Involved in Locking and Ransoming Apple Devices in Australia Arrested

Two weeks ago, hackers hijacked several iOS and Mac devices in Australia, remotely locking them via iCloud and demanding a ransom from the owner to get the device unlocked.

"Device locked by Oleg Pliss," read the hijacker's message, along with a demand for $50 to $100. Quite a few users were affected and while early speculation suggested iCloud may have been hacked, Apple confirmed that iCloud was not compromised, and that hackers had instead gained access to Apple IDs and passwords, likely through other site breaches where they used similar credentials.

The two hackers behind the attacks have now been detained by Russian authorities, reports The Sydney Morning Herald.

The hackers - aged 17 and 23 - were detained in the course of "operational activities" by the Russian Interior Ministry, Russia's Ministry of Internal Affairs said. They are both residents of the Southern Administrative District of Moscow and one has already been tried before, it said.

According to Russian site MKRU [Google Translate), the two hackers were caught after appearing on camera withdrawing a victim's ransom money from an ATM. The site also confirms the hackers gained access to Apple IDs and passwords via phishing pages and social engineering techniques, then used that information to lock devices. Russian users were also affected, which led to the investigation.

One method of obtaining login information involved a pre-owned account filled with movies and music that was sold to an unsuspecting victim. Once the person linked their own details with the account, it was vulnerable to being hijacked.

During the attacks, users who had passcodes enabled on their devices were able to bypass the hack, but those who had not previously set a passcode were out of luck, requiring a full reinstall of iOS. Apple recommends using a passcode with iOS devices, as well as two-step authentication, which can help thwart attacks like this one.