1. Computing

Apple 'Find My' service is helping hackers ransom users' systems

Jon Martindale
By

apple find my ransom new iphone header
Although utilities like Find My iPhone have helped curb smartphone thefts, they also provide a new avenue of attack for hackers. The security utility is now being used by some underhanded individuals to lock Apple users’ hardware, before blackmailing them into paying to have their devices unlocked.

Originally introduced by Apple in 2010, the “Find My” service lets users use GPS location to find exactly where their iPhone, iPad, or Mac computer is in the real world. “Lost Mode” allows users to lock their device, too, theoretically preventing a thief from being able to access personal information. But unfortunately, that means that if a nefarious individual steals someone’s login information, they can use it to ransom access to a user’s device.

The ransom message is delivered on the lock screen itself, often with a Bitcoin wallet address. In the case of one user, their hacker demanded 0.01 Bitcoin to unlock the device, or around $40.

Much like ransomware, the general advice is to not pay the blackmail charge as it only emboldens hackers to continue the practice. The best bet would be to contact Apple directly to help solve the problem.

Y'all my MacBook been locked and hacked. Someone help me @apple @AppleSupport pic.twitter.com/BE110TMgSv

— Jovan (@bunandsomesauce) September 16, 2017

Although not yet a widespread issue, there have been several recent reports of users finding their systems locked without warning. MacRumors claims that it stems from hacks of third-party services and the age-old issue of password reuse. That has led to the locking of some Apple devices.

It also highlights the fact that one of the key issues with Apple’s “Find my X” service is that it does not require two-factor-authentication. That’s somewhat understandable considering an Apple user may have only the one device of that brand and therefore if they lose it, their trusted secondary login credential may be the one that has gone missing. But that issue is mitigated by the likes of Google, which offers secondary, backup devices to act in their stead in such cases.

Even if you haven’t found yourself affected by this latest scheme, no matter your device brand, it would behoove you to use strong passwords, unique login credentials and two-factor authentication where possible. Although that won’t guarantee you cannot be hacked, it makes you far from the lowest hanging fruit, which is often enough to avoid trouble.

Editors' Recommendations

The best iPhone apps (December 2021)

iOS 14 App Library

The most common Microsoft Teams problems, and how to fix them

A close-up of someone using Microsoft Teams on a laptop for a videoconference.

The most common Apple Watch problems and how to fix them

apple-watch-series-6

The best smartphones for 2021: Which should you buy?

iPhone 13 Pro screen.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

The best Verizon tablet deals and sales for December 2021

The 8-inch Samsung Galaxy Tab A tablet on top of its box.

Best pressure washer deals for December 2021

best pressure washer deals briggs stratton gas

Best Black Friday Dyson deals for December 2021

dyson v11 torque vacuum deal drive 2 resized

Best home internet deals for December 2021: AT&T, Spectrum, Optimum and more

how to optimize wifi network for work from home wrt1900acs router position location direction improve signal

Best refurbished MacBook deals for December 2021

macbook pro 13 inch vs air m1

Amazon Echo vs. Echo Dot: Battle of siblings

Amazon Echo Dot (4th Gen) with Clock front

The magnificent Pixel 6 Pro should make you very excited about a Pixel Watch

Pixel 6 Pro with the Pixel 6, and Pixel 4a in the middle.

The best Combat Shotgun loadouts in Call of Duty: Vanguard

Combat Shotgun in Call of Duty: Vanguard.