Skip to main content

Apple 'Find My' service is helping hackers ransom users' systems

apple find my ransom new iphone header
Image used with permission by copyright holder
Although utilities like Find My iPhone have helped curb smartphone thefts, they also provide a new avenue of attack for hackers. The security utility is now being used by some underhanded individuals to lock Apple users’ hardware, before blackmailing them into paying to have their devices unlocked.

Originally introduced by Apple in 2010, the “Find My” service lets users use GPS location to find exactly where their iPhone, iPad, or Mac computer is in the real world. “Lost Mode” allows users to lock their device, too, theoretically preventing a thief from being able to access personal information. But unfortunately, that means that if a nefarious individual steals someone’s login information, they can use it to ransom access to a user’s device.

The ransom message is delivered on the lock screen itself, often with a Bitcoin wallet address. In the case of one user, their hacker demanded 0.01 Bitcoin to unlock the device, or around $40.

Much like ransomware, the general advice is to not pay the blackmail charge as it only emboldens hackers to continue the practice. The best bet would be to contact Apple directly to help solve the problem.

Y'all my MacBook been locked and hacked. Someone help me @apple @AppleSupport pic.twitter.com/BE110TMgSv

— Jovan (@bunandsomesauce) September 16, 2017

Although not yet a widespread issue, there have been several recent reports of users finding their systems locked without warning. MacRumors claims that it stems from hacks of third-party services and the age-old issue of password reuse. That has led to the locking of some Apple devices.

It also highlights the fact that one of the key issues with Apple’s “Find my X” service is that it does not require two-factor-authentication. That’s somewhat understandable considering an Apple user may have only the one device of that brand and therefore if they lose it, their trusted secondary login credential may be the one that has gone missing. But that issue is mitigated by the likes of Google, which offers secondary, backup devices to act in their stead in such cases.

Even if you haven’t found yourself affected by this latest scheme, no matter your device brand, it would behoove you to use strong passwords, unique login credentials and two-factor authentication where possible. Although that won’t guarantee you cannot be hacked, it makes you far from the lowest hanging fruit, which is often enough to avoid trouble.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Update your Apple devices now to fix these dangerous exploits
A person using a laptop with a set of code seen on the display.

If you’re an Apple user -- whether you have a Mac, an iPhone, an iPad, or an Apple Watch -- you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

Read more
Check out this old news report of when Apple released the first iPhone
Apple's first iPhone.

The first iPhone 15 customers are already heading to Apple Stores in Australia and Asia to pick up the new device, or are having it delivered to their door.

Apple’s new handset range comprises the iPhone 15, iPhone 15 Plus, iPhone 15 Pro, and iPhone 15 Pro Max. Pricing starts at $799 and tops out at $1,599 -- but it’ll cost even more if you opt for a case, a screen cover, and AppleCare.

Read more
How to enable secure boot in Windows 11
Secure Boot setting in an ASUS BIOS.

Enabling Secure Boot is an important step in upgrading to Windows 11, as it's part of the system requirements. It ensures that unauthorized software can't run on your PC, and you will have to enable it before you install Windows 11 or it just won't work. Fortunately, enabling Secure Boot is as quick as changing a single BIOS setting.

Here's how to do it.

Read more