[Owasp-ireland] Apple Devices hacked by Oleg Pliss.. what to do next?

Fabio Cerullo fcerullo at owasp.org
Wed May 28 11:36:03 UTC 2014


A number of Australian/US/UK iPad and iPhone users are experiencing some
issues with their Apple devices. A message, saying something like this is
popping up on their screens:

[image: Oleg Pliss Attack]

Device hacked by Oleg Pliss. For unlock device...

In order to unlock the device Mr Pliss is asking for the modest sum of
$100/€50 Now.. although the mechanism used to hack these accounts is still
unclear, it seems the attackers got hold of the victims' iCloud login
credentials and locked their devices remotely. It is speculated that the
attackers got hold of these credentials from another data breach and just
guessed that Apple users would use the same information.

*Steps to protect yourself (if you haven't been hacked)*

1)      Enable 2FA (2-factor authentication) *right now* for your iCloud
account. This will prevent someone holding your iCloud login details to
access it. Instructions on how enable 2FA can be found on Apple's support
site: http://support.apple.com/kb/HT5570

2)      Change your iCloud password as a preventive measure, especially if
you are using the same password for different sites. Instructions on how to
do this can be found on Apple’s support site:
http://support.apple.com/kb/PH2617

*Steps to take (if you have been hacked)*

1)      If the attackers have set a passcode on your device, instructions
on how to bypass the lock can be found on Apple's support site:
http://support.apple.com/kb/ht1212 However, this requires resetting the
device, which would erase all information that is not backed up.

2)      In case you cannot recover control of your device, you might need
to contact Apple’s support customer care. Here are the phone numbers:
http://support.apple.com/kb/he57

Last but not least, don’t pay the ransom as it's your device and you have
every right to own it!


Regards,

Fabio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ireland/attachments/20140528/a3fd75fc/attachment.html>


More information about the Owasp-ireland mailing list