This week, in the hours before daylight, a hacker sent an unsettling alert to iPhone users in Australia. The husband of a Sydney council member received the message at 4 a.m.; a graphic designer was awakened at 2 a.m.
Their phones had been hacked and locked by "Oleg Pliss" and were being held for ransom, unless the users sent money to a PayPal account. The incidents seemed isolated to Australia, but in a troubling development iPhone users in the U.S., writing on Apple's discussion forum, are starting to report the same strange alert.
"I'm in the US. Never been to Australia," wrote wheelman2188 on the forum. "Hacked last night [by] the Oleg Pliss nonsense. Currently restoring to try and get it back online."
Users who had pass codes on their devices seem to have been able to get back in, but those who didn't have had to restore their iPhones or iPads to the factory setting (hoping that they were backed up on iTunes when they did so).
Ransomware hacking came out of Russia and Eastern Europe about five years ago and spread west, according to the Internet security firm Norton. It has become more prevalent in the past two years with criminals typically charging between $60 and $200 to unlock a computer. Norton estimates that with the various ransomware malware out there, victims have ended up paying about $5 million per year.
This kind of hacking — locking users' devices and demanding money — has been used on laptops and desktops before but is spreading to mobile. Some tech blogs have speculated that recent security breaches at eBay and Yahoo might be connected to the attacks.
"It's possible that hackers have obtained access to a leaked list of email addresses and passwords, exploiting the fact that many people will reuse the same account details for their Apple ID," writes Tom Warren at The Verge. "Database breaches are becoming far too common, with eBay, Adobe, Yahoo, and Target all falling victim in recent months."
Somehow, it seems all the more invasive and personal on mobile, since many of us keep our smartphones so close, even as we sleep. This is part of an unnerving trend as technology becomes more integrated into our lives.
Recently, security flaws were discovered that could allow hackers to unlock some BMWs remotely; certain BMW models use the i Remote app, which lets drivers turn on the heat or AC or unlock doors from outside the car. Perhaps creepiest of all, criminals have used Blackshades, a remote administration tool or RAT, for extortion and bank fraud, collecting keystrokes to steal passwords and turning on people's computer webcams. Gives you the heebie-jeebies, doesn't it?
How can you prevent ransomware attacks? First, enable a pass code on your smartphone. Also, start using two-step verification if you don't already, and set a different password for each of your accounts.
If you're one of the people affected by the by the "Oleg Pliss" iPhone hack, Softpedia offers these tips:
Whatever you do, don't pay the hackers a dime. It's your device and you have every right to regain control of it. It's not your fault your password got stolen.
Contact Apple. It may sound like an ordeal, but what would you prefer: paying $100 ... upfront not knowing if the hackers will give you back your freedom, or having to chitchat with Apple Support on the phone? You can ring up Apple here.
In case Apple can't help you right now and/or the hackers have set a passcode on your device, instructions on how to bypass the lock can be found on Apple's support site, KB article ht1212.
Once you regain control of your device, it may be only for a brief period of time. This is your window of opportunity to change your Apple ID password and leave the ransomware guys in the cold. Changing/resetting your password can be done at appleid.apple.com.
Once you've done all this, it's highly recommended that you switch on two-step verification, so nothing like this ever happens again.