Back in 2014, a pair of Russian hackers targeted Australians with iOS devices, locking them remotely and demanding $100 in ransom. Later that year two of the hackers were arrested, but it looks like the same scam could be making a comeback.
After receiving a tip that 40 million iCloud accounts had been compromised CSO did some digging and found that the scam was now targeting people in the U.S. and Europe. In this case, the hackers are locking devices and demanding $30 to $50 within 12 hours or all the data gets wiped.
Once the hackers gain access to your Apple ID they can use the Find My iPhone feature to put your device in Lost Mode. From there it’s easy to lock the device and put a message on your screen. The message usually includes an email address to contact for further instructions.
COS found evidence of at least five incidents last month. In one case a woman was able to reclaim her hacked iPad using a factory reset with some help from Apple. But that means losing all your data and apps anyway unless you have them backed up somewhere else.
It’s unclear exactly how the hackers are getting access to all these iCloud accounts. It could be a case of people reusing the same passwords, combined with massive hacks like the ones that hit Linked and MySpace this year. COS also points to a compromised Mac-Forums database up for sale online, which apparently contains info on almost 300,000 accounts.
If you’re worried about getting hit by the same scam your best bet is to change your iCloud password immediately. You should also set up two-factor authentication whenever possible if you haven’t already. Apple also has a support page for anyone who thinks their account has been hacked, which you can check out via the source link below.