An online attack geared toward computers is making its way onto iPhones, holding affected users’ phones hostage.
According to media reports, iPhone users in the U.S. and Europe are falling victim to a scam in which hackers get into their IOS devices, put it in lost mode and require money to unlock it. Similar to ransomware scams that hold computer users’ data hostage, the hackers are betting victims will be more than willing to pay to get their phone back. The attack appears to be coming from Russia, with CSO reporting a number of the victims saying the ransom demands were written in Russian.
Hackers are able to compromise iPhones and iPads by first getting access to an Apple ID. With that in hand, they use the Find My iPhone feature to put the phone in lost mode. Find My iPhone is a feature of Apple iCloud that lets users lock their device and track it if they lose it or it is stolen. In the hands of the bad guys, it means they can lock the device and send a message to the screen demanding money. The ransom is typically $30 to $50. Victims are given payment instructions and a deadline. If payment isn’t received in 12 hours, the message warns that the data on the phone will be deleted.
This isn’t the first time an iPhone or iPad has been compromised. In June 2014, the Russian Interior Ministry announced it had arrested two people for ransomware attacks on iPhone users, also using Find My iPhone to get in. The two used phishing scams to acquire the Apple passwords. Victims reported the phones were locked after receiving a message that the device was hacked by Oleg Pliss, who wanted $100. Apple said then that it wasn’t due to a compromise of iCloud.
While it’s been quiet on the ransomware front for a while, in recent months, there has been an increase in the number of incidents. Hackers don’t only have to compromise Apple IDs themselves to hold a person’s iPhone ransom; there are also underground websites that sell compromised Apple IDs to hackers.