Apple’s “Find My iPhone” service has been exploited by hackers to lock down iPhones and iPads while displaying ransom demands to their owners. This information came to light via the Apple support forum, where multiple customers stated that they received messages saying they have been hacked by “Oley Pliss”, demanding a payment of $100 USD via PayPal in order to unlock the device. The large majority of these reports came from Australia, however there were also reports from a British and Canadian user.
The hackers appear to be using the “Find My iPhone” feature to lock devices and send the ransom messages to the owners. Find My iPhone is a system used to find lost devices. A user will install the software onto their Apple device and if that device is lost, the user will be able to access iCloud to retrieve the location of their lost gadget. From iCloud, users also have the option to completely lock down the device to ensure it cannot be used by others.
Based on posts made by affected customers via Twitter and Apple forums, some stated lost mode was in fact enabled on their devices. Unfortunately, many were unable to disable the locked mode to regain full access to their device. Some users were able to restore their phones by rebooting the phone to factory settings, though this strategy has not been effective for every user.
As of right now, it is very unclear how the hackers were able to exploit this system to gain access to Apple devices. Some have suggested that the hackers gained access to a database filled with user names and passwords for a number of Apple services including iCloud. From there, the login credentials could have been used to access other users accounts and lock down the devices.
Some eBay users may have received an e-mail today prompting them to change their passwords. This was in response to this incident. One user stated that their iCloud login details were identical to those used on their eBay account. This same user also stated that he was hacked prior to this event. This prompted eBay to ask all of it’s users to reset their passwords.
Apple is currently working to identify the issue as promptly as possible. It’s very strange that this incident has lined up so closely to the release date of Watch Dogs, an open world hacking game.