APPLE users were sent into a panic when a particularly nasty scam held their devices ransom earlier this week.
An unknown number of Apple users throughout Australia received sinister messages from a mysterious hacker named Oleg Pliss that demanded $100 to unlock their iPhones, iPads, iPods and other devices.
The Australian Government’s Stay Smart Online initiative has released a high-priority alert about the hacking event, and the NSW Police has also warned its Facebook followers about the dangers.
Now, Crispin Kerr, the Asia-Pacific managing director of online security company Webroot, has shared his insights into how the scam worked and what Aussies can do to protect themselves in the future.
Hackers held iPhones to ransom. Source: News Limited
HOW WAS THE HACKING ACHIEVED?
Mr Kerr said the Apple devices themselves had not been compromised.
The hackers gained access remotely by logging into the users’ Apple storage system, iCloud.
From there, they activated the Find My Phone feature, which allows users to lock down the device remotely in case of theft.
“It is unlikely — but not impossible — that Apple itself was hacked since the hack primarily targeted Australian users,” Mr Kerr said.
“A popular third-party website or service was most likely hacked and user credentials were attained this way.
“Because most users use the same passwords for multiple sites and services, passwords attained from other sources were likely used to gain access to iCloud.”
Apple released an official statement about the hacking yesterday.
“Apple takes security very seriously and iCloud was not compromised during this incident,” it said.
No comments:
Post a Comment