Bizarre Australian iPhone, iPad hijack serves as yet another reminder to use unique passwords
There are reports coming out of Australia about iPhones and iPads somehow getting locked down by Find my iPhone, in some cases with a message claiming the devices will only be unlocked if a AUS$100 ransom is paid. What makes this bizarre is that it appears to only be happening in Australia (and the internet has no borders) and it's unclear how the attackers are accessing Find my iPhone for the devices in question. So, what's going on?
One theory is that some other service was hacked and because people were using the same email and password combinations for that service and their Apple IDs, the attacker could access their iPhones and iPads online via Find my iPhone as well. But why just Find my iPhone, why only some hostage messages, and why AU$100? It feels almost more like the hack equivalent of stealing a car for a joy ride.
Whatever this turns out to be, the story should serve as yet another reminder to everyone to use strong, unique passwords for Apple ID and for any other critical internet account you have, including Google, Amazon, or anything tied to your communications or credit cards.
Yes, strong, unique passwords are more difficult and tedious to use, and you will almost certainly require a password manager app to use them effectively, but the extra effort is more than worth it based on the protection they provide. It means that if any one service is ever hacked, you'll only have to worry about that service, not every other one that uses the same email address and password.
Second, set up and use two-step authentication for your Apple ID and for Google and any other critical service you use that supports it. Again, it's a far greater pain in the apps than not using it, but it affords a much higher level of protection because even if someone gets your password, that's only 1 of the 2 steps. It makes taking over your account immeasurably more difficult.
Also, if there are security questions, pick non-guessable answers and store them in your password manager as well. Attackers can find out the name of your first pet, first friend, or street you grew up on. It's immeasurably harder to compromise random characters or words you stuck in as answers.
If you're one of the people already affected, and there's no immediately obvious way for you to unlock the device directly, you can try and put your iPhone or iPad into recovery mode or DFU mode and then restore from the latest iCloud backup, or, if old-school, restore from the most recent iTunes backup.
If it looks like the password has been changed, go to Apple ID password recovery and reset your password — strong and unique! — to regain control of the account. If that doesn't work, go to the Apple Store or call AppleCare support with your proof of purchase.
We're still looking into the story, and we'll report back if and when we find out more. Apple has a phenomenal security team and Apple typically offers tremendous customer service as well. Since this incident has been widely reported it's probably safe to assume Apple has seen it too, though it will no doubt take time to figure out, both in terms of the hack and how to best recover from it. Whether there's anything Apple can do on their end, or whether it's really just a matter of all of us using better, stronger, unique passwords remains to be seen.
If you've experienced this hack, recovered from it, or have any advice or opinions in general to share, please let me know in the comments.
Source: Apple Support Forum via View News. Thanks Greg!
Rich Edmonds contributed to this article
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.
Only users who haven't set a lock screen passcode are locked out, since the hacker remotely assigned the passcode via iCloud. Users with set pass codes can still use them to gain access to their devices.
I don't think setting a password makes everything go off beautifully. Some hackers easily gain access to a Wi-Fi connected iPhone when it's jail-broken if they try the default root password, 80% of jailbreakers know nothing about the root password configuration after their jailbreak!!! Some users even install spy apps like ikeymonitor to steal the unlock pass-code when the device is jailbroken. We are not living in a safe world protected by password. But it is at least safer than no password. In normal cases, a password is a protective and useful shield, even if it is weak to some extent.