Skip to main content

Report: Hackers are holding iOS devices for ransom through Find My iPhone

There’s a new ransomware trick in town, and it’s aimed at iOS device owners and their Apple ID accounts. Dutch site AppleTips reports that hackers who have managed to gain access to a victim’s Apple ID credentials are using the Find My iPhone feature to lock the devices down and demand $50 in return for providing access. The ransom-based message appears on the iPhone or iPad’s lock screen, and includes an email address.

The good news here is that the iOS device that’s held hostage can be released from its captors simply by entering the passcode or using Touch ID. The bad news here is that the hacker has control over the user’s Apple ID account, meaning they have access to the victim’s email addresses, physical address, payment information, and so on. Hackers can even change the password, change the security questions, and enable two-step verification if it’s turned off.

Recommended Videos

Additionally, hackers can log into iCloud and cause all kinds of havoc, such as accessing the victim’s contacts, email, stored photos, and getting access to iCloud Drive. Thus, the whole ransomware scheme is somewhat small when compared to the damage hackers can do when they have access to Apple ID credentials.

Chances are, hackers are acquiring Apple ID information because customers are using the same password across multiple services and websites. When one gets infiltrated, hackers will use that information to possibly gain access to the other sites and services used by the victim. This is why two-step verification is important, along with using numerous passwords.

By using Apple’s two-step verification system, customers can have their iPhone or iPad serve as a secondary login device. For example, when users try to access their Apple ID account online, they are required to provide the email address and password as usual. However, Apple will supply a registered device with an SMS message containing a verification code that also must be entered. This should keep hackers out of the customer’s sensitive Apple ID and iCloud accounts.

Ransomware is typically associated with Windows and Android-based devices, not Apple’s iPhone or iPad. The very first “fully functional” ransomware on a Mac was reported back in March by Palo Alto Networks. The Transmission BitTorrent client installer was found to be infected with “KeRanger” ransomware signed with a valid Mac app development certificate. Prior to that, FileCoder was discovered by Kaspersky Lab back in 2014, but it was deemed as incomplete.

Essentially, KeRanger encrypted specific files and demanded that the victim cough up around $400 through a provided email address in order to regain access to those files. After the report, Apple revoked that particular development certificate and updated the XProtect antivirus signature. Palo Alto Networks provided a list of steps for removing the ransomware, including using Terminal or Finder to delete the infected Transmission files.

What’s really cool about Apple’s Find My iPhone feature is that customers can log onto a desktop and laptop to hunt down their misplaced iOS-based mobile device. Customers can force the device to make a sound, they remotely erase the device, or turn on Lost Mode, locking it down. However, as we’ve seen with this latest ransomware trick, hackers find this an ideal way to generate some cash.

Kevin Parrish
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
These three iOS 26 beta features are my favorite so far
The Liquid Design lock screen on the iOS 26 developer beta 1 running on the iPhone 16 Pro

For fans of the Apple ecosystem, it’s been an incredible week. Apple’s annual WWDC 2025 keynote revealed a whole new Liquid Glass design that’s unified across all its platforms. Also unified across all platforms is the numbering scheme, with iOS 26 designed to represent the year of release… plus one. 

The new platform doesn’t deliver one of the key things I asked for — multitasking, which is available on iPadOS 26 — but it does bring several new features that make the iPhone far more usable. 

Read more
Apple’s new iPadOS 26 shows Google what Android tablets need
4 windows open multitasking on the iPad Pro M4 11 running iPadOS 26 developer beta 1

Since the launch of the first iPad, Android tablets have struggled to compete. A lack of optimized apps means that Android tablets still don’t offer as seamless a transition to larger displays, which also impacts the best folding phones, where many apps don’t take advantage of the larger displays.

However, one area where Android tablets have outperformed the iPad is in productivity and multitasking. Samsung’s DeX desktop mode has been key to ensuring that some Android tablets offer a desktop-like experience, albeit one that needs more optimized applications. Last week, OnePlus also joined the party with the innovative Open Canvas system on the OnePlus Pad 3.

Read more
My Android 16 update made me jealous of iOS 26… but it shouldn’t
Deep down, I know my disappointment is irrational
The Android 16 logo on the screen of the Pixel 9 Pro Fold

I've just downloaded Android 16 on my Pixel 9 Pro Fold. As someone who’s a sucker for a software update this should be a momentous occasion - so why am I feeling flat?

Whether it's an update for one of my favourite apps, or a complete operating system overhaul, I love pouring over change logs to see what's new and diving into features.

Read more