A number of iPhone and iPad users have fallen foul of a particularly nasty hack, in which they find themselves locked out of their devices unless they pay to have them unlocked.
The extortionist leaves a message claiming to be from the well-known software engineer Oleg Pliss. A message on the screen reads “Device hacked by Oleg Pliss”, and encourages the user to pay US$100 (£59).
The exploit only appears to affect users connected to the iCloud service. A number of users, most of them from Australia, took to Apple’s Support forums complaining of the same issue, saying they had been hit on multiple Apple devices at once and were forced to change iCloud passwords.
“iPad woke me at 4.30am with the message ‘Your device has been hacked by Oleg Pliss’ and sound — I thought it was the morning alarm,” wrote one user going by the handle deskokat.
“I then signed in to my powerbook — but as a guest user — VERY grateful I did. Message to say I’d been hacked there too, wouldn’t let me sign out without erasing all data for that user. As there was nothing but a couple of expendable files on there, I signed out. And the guest user portal has been erased. I then went into my own (password protected) desktop, no hacking message. Have changed my Apple ID password.”
The user also reported receiving a total 15 messages in their hotmail account stating that their devices had been registered as “lost” through Find My iPhone services, suggesting that the theft-prevention service was ironically the vector of attack. However, there has been no confirmation on whether Apple’s systems have been compromised, or whether it is simply poor password habits by the users.
One user, georz, has offered the following advice to fix the problem:
- Turn off your phone
- Plug your cable into the computer and have iTunes open (do not plug into the phone yet)
- Press and hold the home key on your turned-off phone (for about 10 seconds).
- If nothing happens, plug in the cable into your phone (keep holding the home key)
- Wait until you see the picture of iTunes and the cable on the front of the phone
- Your itunes should then recognise the phone as an unidentified phone
- Select restore factory settings (it should download some software) after approximately 15 minutes and automatically install it
- The phone should go through some of the standard reset screens (usually black screen with apple icon and loading bar)
- You will be prompted to restore the phone…. do this from iTunes not the phone
- Throughout this process you must not let the phone or computer go into sleep mode, and don’t disconnect
However, prevention is definitely better than a cure. Make sure your iCloud account has a strong password containing numbers, capital letters and symbols. Also ensure that you have set a passcode on the device, as the remote lock normally can be overridden by entering that passcode once you’ve visited iCloud.com and taken the device out of lost mode.
For devices that didn’t have a passcode, the solution seems to be to go through the above process and then backup and restore the device via iTunes on OS X or Windows.Leave a comment on this article