Australian iPhone and iPad Users Waylaid By Ransomware

DavidGilbert99 (2607235) writes "Multiple iPhone/iPad/Mac users in Australia are reporting their devices being remotely locked and a ransom demand being made to get them unlocked again. However, unlike PC ransomware, the vector of attack here seems to be Apple's iCloud service with the attacker getting to a database of username/password credentials associated with the accounts. It is unclear if the database was one of Apple's or the hacker is simply using the fact that people reuse the same password for multiple accounts and is using data stolen from another source. Apple is yet to respond, but there has already been one report of the issue affecting a user in the UK."

Re:MITM attack

It's not a MITM atack, but rather the hackers are exploiting a vulnerability in iCloud. Then, using the "Find Device" option they block the phone and demand a 100 euro ransom to unlock them, which the user must pay via PayPal. If the user had enabled two-step authentication they could re-gain control of the phone, otherwise they would be forced to pay the ransom. Full article from the Sydney Morning Herald: http://www.smh.com.au/digital-life/consumer-security/australian-apple-idevices-hijacked-held-to-ransom-20140527-zrpbj.html

Re:My heart bleeds for them.

[sribe]

Apple is built on older versions of OpenSSL - this looks like it might be because they weren't quick enough to adapt, and someone snuck in under the radar. Lets hope they get it sorted quickly!

Apple deprecated the use of OpenSSL in 2011, and the version shipped with OS X was never updated to the versions which introduced Heartbleed. Strike 1!

OpenSSL has never been used in iOS. Strike 2!

Apple also was not using affected versions in any of its online/cloud services. Strike 3!

You're out! Your post was ridiculously bad even by /. standards!