It’s being reported that many Apple iPhone and iPad users are being targeted by hackers who are remotely locking their devices and demanding ransom money in return. This latest scam appears to have started in Australia with a group of hackers going by the name Oleg Pliss who threaten to lock the phone permanently unless a $100 ransom is paid. In a strange coincidence, I was just reading about this on Saturday morning when I got an email from a reader worried about this.
By noon yesterday, it seems, this Oleg Pliss had really got the Internet community riled up and into a bit of a panic with iPhone users wondering what they could do. So, if you happen to have an iPhone and are worried about this, here’s my initial reaction and recommendations:
- Never, ever pay any ransom
- Don’t panic – odds are you’d win the lottery before this happens to you
- Change your Apple ID password (it’s probably old anyway, right?)
- Consider Apple’s 2 Step Verification Program (phones with this are ok)
- Even if your iPhone was locked it can be reset in recovery mode
- Enjoy your iPhone and leave the Find My iPhone app turned on
Hackers accessed users iCloud accounts to enable the Find My iPhone app
Oleg Pliss, or whatever, seems to have found a way to hijack some Apple users iCloud accounts and used that to access the Find My iPhone app. From there it was pretty easy to remotely lock iOS and Mac devices and send messages demanding a ransom. Apple insists that their iCloud data storage has not been compromised and it does appear that the accounts were exposed in some recent security breaches. The hacked accounts were likely not using Apple’s 2-step verification.
The best defense against any of these types of attacks is to have a strong, unique password. Since 2010, I’ve been using the free version of LastPass to create and manage all my passwords. LastPass offers easy-to-use tools to generate complex passwords and then remembers them so I no longer have to. I probably have over 100 unique, strong passwords that are safely encrypted, stored and accessible through my own Master Password that I must remember.
Thanks for visiting!
Không có nhận xét nào:
Đăng nhận xét