[Owasp-ireland] Apple Devices hacked by Oleg Pliss.. what to do next?

Vanush "Misha" Paturyan ektich at gmail.com
Wed May 28 13:34:41 UTC 2014


I've seen samples of phishing emails alleging that "Your Apple ID has been
Disabled for Security Reasons!" ans pointing to the site in Australia.
Could be the answer to the question "how attackers got hold of these
credentials"...


On 28 May 2014 12:36, Fabio Cerullo <fcerullo at owasp.org> wrote:

> A number of Australian/US/UK iPad and iPhone users are experiencing some
> issues with their Apple devices. A message, saying something like this is
> popping up on their screens:
>
> [image: Oleg Pliss Attack]
>
> Device hacked by Oleg Pliss. For unlock device...
>
> In order to unlock the device Mr Pliss is asking for the modest sum of
> $100/€50 Now.. although the mechanism used to hack these accounts is still
> unclear, it seems the attackers got hold of the victims' iCloud login
> credentials and locked their devices remotely. It is speculated that the
> attackers got hold of these credentials from another data breach and just
> guessed that Apple users would use the same information.
>
> *Steps to protect yourself (if you haven't been hacked)*
>
> 1)      Enable 2FA (2-factor authentication) *right now* for your iCloud
> account. This will prevent someone holding your iCloud login details to
> access it. Instructions on how enable 2FA can be found on Apple's support
> site: http://support.apple.com/kb/HT5570
>
> 2)      Change your iCloud password as a preventive measure, especially if
> you are using the same password for different sites. Instructions on how to
> do this can be found on Apple’s support site:
> http://support.apple.com/kb/PH2617
>
> *Steps to take (if you have been hacked)*
>
> 1)      If the attackers have set a passcode on your device, instructions
> on how to bypass the lock can be found on Apple's support site:
> http://support.apple.com/kb/ht1212 However, this requires resetting the
> device, which would erase all information that is not backed up.
>
> 2)      In case you cannot recover control of your device, you might need
> to contact Apple’s support customer care. Here are the phone numbers:
> http://support.apple.com/kb/he57
>
> Last but not least, don’t pay the ransom as it's your device and you have
> every right to own it!
>
>
> Regards,
>
> Fabio
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ireland/attachments/20140528/23bde10a/attachment.html>


More information about the Owasp-ireland mailing list