Resultados 1 a 2 de 2
  1. #1
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010

    [EN] iPhones 'hijacked for ransom'

    It appeared that the attacker gained access to users' iCloud accounts, the cloud storage service offered by Apple that is able to access devices remotely.

    27 May 2014 Last updated at 14:51 GMT
    Apple devices 'hijacked for ransom' in Australia
    By Dave Lee Technology reporter, BBC News

    Several users of Apple devices in Australia have reported that their gadgets have been "hijacked" - with a message demanding money.

    Experts believed the hack had targeted users by exploiting the Find my iPhone feature.

    A message appeared on some targeted phones asking for "$100 USD/EUR" to be sent to a PayPal account.

    Mobile networks have advised affected users to contact Apple, which has not yet commented on the problem.

    It appeared that the attacker gained access to users' iCloud accounts, the cloud storage service offered by Apple that is able to access devices remotely.

    PayPal has said any funds sent to the specified account would be refunded.

    'Woke me up'

    According to the Sydney Morning Herald, the problem spread across much of Australia, with reports of attacks in Queensland, New South Wales, Western Australia, South Australia and Victoria.

    However, reports have emerged from further afield, with at least one case said to have occurred in London. It involved an Australian visiting on holiday.

    Concerned users took to Apple's support forums, and Twitter, to share details of attacks, which affected iPhones, iPads and, in some cases, Mac laptops.

    "This has happened to me too in Brisbane, woke me up half an hour ago," wrote one user, amberoonie.

    "Freaking out as when I opened my laptop it had the same message 'Device hacked by Oleg Pliss. For unlock device' with the Find My iPhone icon."

    It is unlikely the hacker would use his real name in the message.

    'Not an option'

    Information security consultant Brian Honan told the BBC that so far little is known about the source of the attacks.

    He said theories ranged from someone having access to Apple's systems, to hackers having access to a database of usernames and passwords - perhaps obtained from a third party.

    Regardless, he said Apple had to move quickly to reassure users.

    "One of the key things, as in any security breach, is being able to communicate proactively with your affected customers," he said.

    "Even just to let them know what you're doing to deal with the issue can be reassuring. Remaining silent is not an option these days."
    Última edição por 5ms; 27-05-2014 às 14:39.

  2. #2
    WHT-BR Top Member
    Data de Ingresso
    Dec 2010

    What thread in Apple's support forum is 26+ pages?

    Apple’s support forum has a thread that is 26 pages and growing in which customers say their iPhones and iPads were taken hostage with a ransom message demanding money.

    The alleged attacks, under the name “Oleg Pliss,” started days ago in Australia but isn’t isolated to that region. It’s not clear how many people in what areas have been affected, though there have been reports that the incident reached the U.S.

    Judging from the complaints, it seems that the mystery perpetrator (or perpetrators) is logging into some users’ iCloud accounts from the Web, then engaging the “Find My iPhone” feature to lock devices remotely. The feature allows you to display a message, hence the ransom notes. People who have a passcode lock engaged can unlock their devices and turn off “Find My iPhone,” but those who don’t have a passcode are locked out of their systems.

    Apple said there’s been no breach of its iCloud service—meaning hackers haven’t obtained usernames and passwords from Apple’s systems. It is possible that people’s iPhones, iPads and Macs could be compromised if their usernames and passwords were obtained through phishing scams, or if they use the same log-in credentials at another online service that was breached.

    “Apple takes security very seriously and iCloud was not compromised during this incident,” a spokesperson said. “Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.”

    Like the eBay data breach reported last week, the fears over hijacked Apple devices throw a spotlight on the security steps that people should be taking. For starters, don’t give hackers a “skeleton key” by using the same password for multiple services like iCloud. Also, enact two-step verification whenever possible, and for Apple devices, always use a personal passcode.

    Other tips: back up your data to iTunes or iCloud so that you don’t lose important information in the event you have to wipe your device clean. (Some media, such as photos and videos, can also be saved elsewhere on the cloud through an app, or copied to a computer’s hard drive.)

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens