Australian Apple customers suffer major ransomware attack

by Jimmy Nicholls | 27 May 2014

Password reuse thought to have caused the breach across iPod, iPhone and Mac.

Hackers are holding Australian Apple customers to ransom by locking iPhones, iPads and Macs and demanding payment to unlock the products.

Affected devices have been reported across several states in Australia displaying an error message attributing the hack to Oleg Pliss, and instructing users to send $100 (USD) or €100 to a PayPal account.

Writing on the Apple support forums, user veritylikestea said: "I have no idea how this has happened. I am not aware of having been exposed to malware or anything else, although I did recently purchase some new apps - perhaps one of these has something to do with it?"

Many Apple customers were woken during the night when their devices were set into "lost" mode and their passwords were reset, preventing them from accessing the phone.

Bob Tarzey, analyst at Quocirca, said: "There are lots of Apple devices out there - and their users tend to be at the wealthier end of the spectrum, compared to the larger Android mass market.

"However, iOS is hard to target with malware due to the walled garden environment in which Apple operates so, unless devices are jail broken by their users, getting malware and unauthorised apps on to their device is hard."

Speaking to several media organisations, Troy Hunt, a software architect at Microsoft, said the attack appeared to be isolated to Australia, and noted that password reuse on non-Apple services may have been responsible for the breach.

"Of course, it also suggests that two-factor authentication was likely not used as the password alone wouldn't have granted the attacker access to the iCloud account," he added, speaking to the Sydney Morning Herald.

PayPal said that payment account is linked to the email address the hacker had supplied to victims, but added that any money sent would be refunded. At the time of writing, Apple has yet to comment on the matter.

Oleg Pliss is a software engineer and computer scientist at Oracle, and it is likely his name has been misappropriated by the hacker behind the breach.
