Top IT Security Bloggers

Apple devices held for ransom, amid massive iCloud account hack rumours

Steve Ragan of CSO Online:
"On July 1, Alanna Coca noticed her iPad had started beeping. When she opened the cover, the lock screen had a message displaying a phrase in Russian – "Dlya polucheniya parolya, napshite na email" – followed by a Gmail address."
"Roughly translated, the phrase was telling her that in order to receive a password, she'll need to email the address displayed."
Such attacks aren't unusual (you may remember a message from Russian hacker Oleg Pliss popping up on some users' iMacs, iPhones and iPads back in 2014), and are perpetrated by a hacker putting a victim's device into lost mode after breaking into their Apple ID account.
A message sent by the hacker to the locked device asks for the victim to get in touch to arrange the ransom payment, and may even make a veiled threat that the device's data will be erased if cash is not transferred promptly.
What spices things up a little more this time is that Ragan reports rumours of a massive data breach at Apple potentially impacting 40 million iCloud accounts.
That may be nonsense, of course - it's possible that accounts have fallen under the control of hackers because of less sensational reasons - such as poor password choices, phishing or reusing the same password on multiple sites.
What is clear is that some Apple users are having their devices hijacked by extortionists. So make sure that you have a unique, hard-to-crack, hard-to-guess password protecting your Apple ID account.
And, if you haven't already done so, I strongly recommend enabling two-step verification on your Apple ID account to make it harder for hackers to break in.
Read more on CSO Online.

Read the full article