Australian Apple device users are finding their iDevices locked by some hacker demanding cash. Here's how to defend yourself, and what to do if you've been hit.
[ABOVE: Neat highwayman image by Paul Townsend/Flickr.]
There have been several high-profile attacks in which passwords and email addresses have been stolen -- principally, attacks on Adobe and eBay.
Those who use the same password across several accounts (ebay and iCloud, for example) are vulnerable. If that's you, then change your password for both accounts immediately. Stop reading this and change them now. (If you use the same passwords on other accounts you should also change those.) Use an original password for each account.
Apple offers two-step verification for devices. Everyone should use this -- iCloud is already a central repository for contact, password, payment and other essential information. This means it makes absolute sense to make iCloud as secure as possible, and that means two-step verification. Read Apple's FAQ for information about this additional security layer.
The hacker who is attacking Australian users employs Apple's Find My iPhone service to lock devices and leave a ransom note on the display.
"iPad woke me at 4.30am with the message 'Your device has been hacked by Oleg Pliss'," a user said.
If you have a passcode for your device, then you don't have a problem -- just use the passcode to get into your device again, and change your iCloud password. Find My iPhone can only set its own code if you have not created your own passcode for the device.
If you've been hit
If you've been affected and already use a device passcode, just access your device using the code and change your password.
If you've been affected and are not using or have forgotten your passcode, then the nuclear option is to plug your device into your computer and run a Recovery Mode reset of your device. This will remove all your apps and data, but you can recover your most recent backup using iTunes, by following these instructions.
Some reports claim the following steps may help locked out users regain control of their device:
- Turn off your device
- Plug your cable into the computer, launch iTunes (but do not plug the phone via the cable at this point).
- Press and hold the Home key on your turned-off phone (for about 10 seconds).
- If nothing happens plug the cable into your device while continuing to hold the Home button.
- Keep holding Home down until a picture of iTunes and a cable appear on the phone.
- iTunes should see your device as an unidentified device
- Select Restore Factory Settings. iTunes will download and install fresh software
- The device will reset
- You will be prompted to Restore the device, do this via iTunes
- THROUGHOUT THE PROCESS YOU MUST NOT LET THE COMPUTER OR THE DEVICE ENTER SLEEP MODE.
While this experience is incredibly unfortunate for those affected, it is important to note people would not be impacted to any great extent if they simply follow common sense security advice -- and it has to call into question just how many users of other platforms are also vulnerable through complacency?
- Don't reuse passwords
- Set a passcode on all your devices
- Use two-factor authentication
- Reset your Apple ID security questions and password immediately as a precaution.
- Keep your devices up to data
- Take extra care if you jailbreak your device
If nothing works, contact Apple support immediately. Apple did not immediately respond to queries on the matter.
I hope this report helps you better secure your iCloud experience. I'm confident that following the security recommendations made in this report will help iOS device users have a safer time -- so I'm asking you, if you agree, please to share this advice with your friends. Stay safe out there!
Got a story? Drop me a line via Twitter or in comments below and let me know. I'd like it if you chose to follow me on Twitter so I can let you know when fresh items are published here first on Computerworld.
- iOS 7: Using your iPhone to get the milk
- OS X: 7 handy Mail tips for Mac users
- The Android-to-iPhone switchers guide
- How to avoid paying Apple for extra iCloud storage
- 5 great apps to boost you in business (Mac, iOS)
- Tips to help you become an iOS 7 Mail power user
- Quick Guide: iOS 7, managing Wi-Fi on iPhone, iPad
- OS X Mavericks, iOS 7: Text Shortcuts explained
- iOS 7: A quick guide to using iPhone calling features
- iOS 7 tips: taking better iPhone photos
- Quick guide: How to improve Siri in iOS 7
- 12 great Christmas gifts for Apple's iPad, iPhone