Skip to main content

Report: Hackers are holding iOS devices for ransom through Find My iPhone

LuMee Selfie Light Case
There’s a new ransomware trick in town, and it’s aimed at iOS device owners and their Apple ID accounts. Dutch site AppleTips reports that hackers who have managed to gain access to a victim’s Apple ID credentials are using the Find My iPhone feature to lock the devices down and demand $50 in return for providing access. The ransom-based message appears on the iPhone or iPad’s lock screen, and includes an email address.

The good news here is that the iOS device that’s held hostage can be released from its captors simply by entering the passcode or using Touch ID. The bad news here is that the hacker has control over the user’s Apple ID account, meaning they have access to the victim’s email addresses, physical address, payment information, and so on. Hackers can even change the password, change the security questions, and enable two-step verification if it’s turned off.

Related Videos

Additionally, hackers can log into iCloud and cause all kinds of havoc, such as accessing the victim’s contacts, email, stored photos, and getting access to iCloud Drive. Thus, the whole ransomware scheme is somewhat small when compared to the damage hackers can do when they have access to Apple ID credentials.

Chances are, hackers are acquiring Apple ID information because customers are using the same password across multiple services and websites. When one gets infiltrated, hackers will use that information to possibly gain access to the other sites and services used by the victim. This is why two-step verification is important, along with using numerous passwords.

By using Apple’s two-step verification system, customers can have their iPhone or iPad serve as a secondary login device. For example, when users try to access their Apple ID account online, they are required to provide the email address and password as usual. However, Apple will supply a registered device with an SMS message containing a verification code that also must be entered. This should keep hackers out of the customer’s sensitive Apple ID and iCloud accounts.

Ransomware is typically associated with Windows and Android-based devices, not Apple’s iPhone or iPad. The very first “fully functional” ransomware on a Mac was reported back in March by Palo Alto Networks. The Transmission BitTorrent client installer was found to be infected with “KeRanger” ransomware signed with a valid Mac app development certificate. Prior to that, FileCoder was discovered by Kaspersky Lab back in 2014, but it was deemed as incomplete.

Essentially, KeRanger encrypted specific files and demanded that the victim cough up around $400 through a provided email address in order to regain access to those files. After the report, Apple revoked that particular development certificate and updated the XProtect antivirus signature. Palo Alto Networks provided a list of steps for removing the ransomware, including using Terminal or Finder to delete the infected Transmission files.

What’s really cool about Apple’s Find My iPhone feature is that customers can log onto a desktop and laptop to hunt down their misplaced iOS-based mobile device. Customers can force the device to make a sound, they remotely erase the device, or turn on Lost Mode, locking it down. However, as we’ve seen with this latest ransomware trick, hackers find this an ideal way to generate some cash.

Editors' Recommendations

The one thing the iPhone 14, Galaxy S23, and Pixel 7 all get wrong
Apple iPhone SE (2020) being plugged in to charge.

At Mobile World Congress (MWC) this year, new smartphones broke cover as one would expect. I won't bore you with all the details; Digital Trends' Joe Maring and Jacob Roach wrote an excellent roundup of all the best MWC 2023 announcements already.

One key quality-of-life-improving feature we picked up on as a theme was charging speed. Apple, Samsung, and Google, the mainstream phone brands by coverage (even if not all by sales), stick to a fast-charging average speed of just over an hour — even with the latest iPhone 14, Galaxy S23, and Pixel 7. By comparison, a phone from Xiaomi, Oppo, or OnePlus can get you moving in 30 minutes or even less. It's time to demand more from our phones.
Fast charging exists — just not for you

Read more
I created the perfect iPhone home screen — and you can too
iPhone 14 Pro with custom home screen icons and widgets

With iOS 14, Apple began to open the floodgates for software customization on the iPhone. For the first time, you could add widgets to the home screen and even change app icons to custom ones without the need for a jailbreak. And iOS 16 gave us some more customization options in the form of the lock screen, although the interface for that is su-par, to say the least.

While I see a lot of people still use a stock grid layout on their home screen, I took some time when iOS 14 first came out to customize my iOS experience. I enjoy that it’s not just a boring grid of stock icons — having custom icons and widgets really mix things up a bit and gives me a more informative home screen.

Read more
Will my phone automatically change for daylight saving time?
The iPhone 14 Pro's Dynamic Island showing the timer and music playing.

Like it or not, it's that time of year again — time for daylight saving time. On Sunday, March 12, at 2:00 a.m. (local time), the majority of people in the United States will be "springing forward" and setting their clocks ahead by an hour. Along with losing an hour of sleep, it also poses an important question: will your phone automatically change for daylight saving time?

It's a question that applies regardless of which phone you have. Whether you're rocking an iPhone 14 Pro, a Samsung Galaxy S23 Ultra, or any other smartphone, it's important to know whether or not you need to change it for the new time.

Read more