Aussie iPhones held to ransom

Australian iPhone and iPad owners locked out of their devices.
Learn more

01.How to protect yourself from hackers


Hackers are reportedly holding Apple products to ransom across Australia, remotely locking out users from their iPhones, iPads and Mac computers.  

Affected devices display a message demanding $50 or $100, paid via PayPal, to return them to normal.

If you have been attacked, do not pay the hackers. Users who have set a passcode on their device are reportedly able to unlock it using the passcode as normal, but those without a passcode can’t, requiring the device to be reset.

It appears the attackers are using the anti-theft feature “Find My iPhone” to remotely target and lock iPhones and iPads and display a message that says “Device hacked by Oleg Pliss.” 

Stay Smart Online says it is believed the attackers obtained Apple ID account and password information and used it to activate the Lost Mode via each users iCloud account. This is not confirmed and Apple is yet to make an official statement.

Affected users are advised to change their AppleID password as soon as possible and others should consider changing it as a precaution. It is thought that the hackers may simply be reusing ID information discovered during a breach of other online services, such as the recent eBay attack. Many people still use the same password for multiple accounts, increasing the risk if ever the password is stolen. CHOICE recommends using unique passwords for all accounts and online services, and using a password manager.

What to do

If your Apple device falls victim to the ransomware attack, here’s what to do:

  • If the device is passcode protected, unlock your device as normal, then log into iCloud, deactivate Lost Mode and change your Apple ID password.
  • If the device isn’t passcode protected you may need to restore the device. Note that this will wipe the contents of your idevice, but you will be able to recover your apps and personal data if you have synced your data to iCloud or backed it up to a computer.
  • Set up two-step verification for your Apple ID. This security measure requires both your password and a separate verification code sent to your phone (or other trusted device) in order to log in.

Affected users should contact Apple directly for more information. Apple has been able to help affected users recover their devices. Meanwhile, PayPal has advised anybody affected to not pay, but that the service would refund any money transferred by victims to the hackers.

The attack comes just one week after online auction site eBay announced they had been subject to cyber-attacks in February and May. In an apparently unrelated attack, Spotify has also been hit this week, announcing that a single account was compromised. Spotify has advised users to change their passwords just in case.



Sign up to our free

Receive FREE email updates of our latest tests, consumer news and CHOICE marketing promotions.

Your say - Choice voice

Make a Comment

Members – Sign in on the top right to contribute to comments