There's a frightening scam going around where hackers take over your iPhone and won't unlock it until you send money
View all Offers
eKools® Women's Fleece Blend Winters Hoodie Sweatshirt with Pockets (Flee2 Series)₹ 798₹ 2199Buy On
- 69% OFF
Qube By Fort Collins Men's Parka Coat (50BAQ_Maroon_Large)₹ 952₹ 2799Buy On
- 45% OFF
Marks & Spencer Women's Stretch Viscose Tee Cardigan Sweater (T38/5765X_Grey_10)₹ 999₹ 999Buy On
- 70% OFF
Qube By Fort Collins Women's Parka Coat (89500Q_Navy/Orasto_Large)₹ 2999₹ 2999Buy On
Amazon Brand - Symbol mens Track Pants₹ 459₹ 1299Buy On
Attackers, armed with stolen iCloud passwords, are turning Apple's "Find My iPhone" feature into a way to collect ransom.
It's a new, chiefly Russian scam affecting iPhones and iPads. An attacker uses iCloud's "find device" feature to lock an Apple device remotely, then demands money before he unlocks the device, usually $30 to $50.
But where are the attackers getting the iCloud passwords from?
CSO reports that certain security professionals have been discussing "rumblings of a massive data breach at Apple."
Apple says there is no truth to the rumor and that there has not been a data breach.
Instead, it's likely the attackers are getting passwords through more traditional methods, such as guessing or using account information from leaked databases like LinkedIn.
One day, his phone locked itself, and put itself in "lost mode," which is usually used by an iPhone's owner to secure a device that's been stolen or lost.
Instead, an attacker activated lost mode, and used Apple's lost iPhone message function to display a message in Russian that translates roughly to "to get your password send an e-mail to firstname.lastname@example.org."
When Kilishek emailed the address, they asked him for 1500 rubles, or about $23, or else they would use Apple's built-in functions to wipe his phone.
In order for the attacker to activate lost mode, he needed Kilishek's iCloud username and password.
These scams are possible because people reuse passwords across sites, and since several Russian social networks and LinkedIn have been hacked, passwords are floating around.
Reused passwords are probably how a separate hacking group has been able to send messages from the social accounts of major tech executives, such the CEOs of Google and Facebook.
- Shrinking car and two-wheeler sales is now hurting India’s biggest private bank
- The best pay masters in the gig economy aren’t good enough
- Amazon Great Republic Sale: Top deals on recliners, sofas and more home furnishing items
- Best fashion and beauty deals during Amazon sale
- Amazon Great Republic Day Sale — Best audio deals on headphones, speakers