Skip to main content
  1. Home
  2. Mobile
  3. News

Report: Hackers are holding iOS devices for ransom through Find My iPhone

By

LuMee Selfie Light Case
Image used with permission by copyright holder
There’s a new ransomware trick in town, and it’s aimed at iOS device owners and their Apple ID accounts. Dutch site AppleTips reports that hackers who have managed to gain access to a victim’s Apple ID credentials are using the Find My iPhone feature to lock the devices down and demand $50 in return for providing access. The ransom-based message appears on the iPhone or iPad’s lock screen, and includes an email address.

The good news here is that the iOS device that’s held hostage can be released from its captors simply by entering the passcode or using Touch ID. The bad news here is that the hacker has control over the user’s Apple ID account, meaning they have access to the victim’s email addresses, physical address, payment information, and so on. Hackers can even change the password, change the security questions, and enable two-step verification if it’s turned off.

Recommended Videos

Additionally, hackers can log into iCloud and cause all kinds of havoc, such as accessing the victim’s contacts, email, stored photos, and getting access to iCloud Drive. Thus, the whole ransomware scheme is somewhat small when compared to the damage hackers can do when they have access to Apple ID credentials.

Related

Chances are, hackers are acquiring Apple ID information because customers are using the same password across multiple services and websites. When one gets infiltrated, hackers will use that information to possibly gain access to the other sites and services used by the victim. This is why two-step verification is important, along with using numerous passwords.

By using Apple’s two-step verification system, customers can have their iPhone or iPad serve as a secondary login device. For example, when users try to access their Apple ID account online, they are required to provide the email address and password as usual. However, Apple will supply a registered device with an SMS message containing a verification code that also must be entered. This should keep hackers out of the customer’s sensitive Apple ID and iCloud accounts.

Ransomware is typically associated with Windows and Android-based devices, not Apple’s iPhone or iPad. The very first “fully functional” ransomware on a Mac was reported back in March by Palo Alto Networks. The Transmission BitTorrent client installer was found to be infected with “KeRanger” ransomware signed with a valid Mac app development certificate. Prior to that, FileCoder was discovered by Kaspersky Lab back in 2014, but it was deemed as incomplete.

Essentially, KeRanger encrypted specific files and demanded that the victim cough up around $400 through a provided email address in order to regain access to those files. After the report, Apple revoked that particular development certificate and updated the XProtect antivirus signature. Palo Alto Networks provided a list of steps for removing the ransomware, including using Terminal or Finder to delete the infected Transmission files.

What’s really cool about Apple’s Find My iPhone feature is that customers can log onto a desktop and laptop to hunt down their misplaced iOS-based mobile device. Customers can force the device to make a sound, they remotely erase the device, or turn on Lost Mode, locking it down. However, as we’ve seen with this latest ransomware trick, hackers find this an ideal way to generate some cash.

Editors' Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
3 reasons why I’ll actually use Anker’s new iPhone power bank
A person holding the Anker MagGo Power Bank.

Power banks are a necessary evil, and even if you don’t consider yourself a “power user” who's likely to drain a phone’s battery in less than a day, there will be times when one comes in handy. And when I am forced to carry one, I want it to be as helpful and versatile as possible.

I’ve been trying Anker’s MagGo Power Bank 10K -- meaning it has a 10,000mAh cell inside it -- and there are three reasons why I'm OK with it taking up valuable space in my bag.
It has a screen on it

Read more
Here’s how Apple could change your iPhone forever
An iPhone 15 Pro Max laying on its back, showing its home screen.

Over the past few months, Apple has released a steady stream of research papers detailing its work with generative AI. So far, Apple has been tight-lipped about what exactly is cooking in its research labs, while rumors circulate that Apple is in talks with Google to license its Gemini AI for iPhones.

But there have been a couple of teasers of what we can expect. In February, an Apple research paper detailed an open-source model called MLLM-Guided Image Editing (MGIE) that is capable of media editing using natural language instructions from users. Now, another research paper on Ferret UI has sent the AI community into a frenzy.

Read more
There’s a big problem with the iPhone’s Photos app
The Apple iPhone 15 Plus's gallery app.

While my primary device these days continues to be my iPhone 15 Pro, I’ve dabbled with plenty of Android phones since I’ve been here at Digital Trends. One of my favorite brands of phone has been the Google Pixel because of its strong suite of photo-editing tools and good camera hardware.

Google first added the Magic Eraser capability with the Pixel 6 and Pixel 6 Pro, which is a tool I love using. Then, with the Pixel 8 series, Google added the Magic Editor, which uses generative AI to make edits that wouldn’t be possible otherwise. There are also tools like Photo Unblur, which is great for old photographs and enhancing images that were captured with low-quality sensors.

Read more