Skip to main content
  1. Home
  2. Mobile
  3. News

Report: Hackers are holding iOS devices for ransom through Find My iPhone

Kevin Parrish
By

LuMee Selfie Light Case
Image used with permission by copyright holder
There’s a new ransomware trick in town, and it’s aimed at iOS device owners and their Apple ID accounts. Dutch site AppleTips reports that hackers who have managed to gain access to a victim’s Apple ID credentials are using the Find My iPhone feature to lock the devices down and demand $50 in return for providing access. The ransom-based message appears on the iPhone or iPad’s lock screen, and includes an email address.

The good news here is that the iOS device that’s held hostage can be released from its captors simply by entering the passcode or using Touch ID. The bad news here is that the hacker has control over the user’s Apple ID account, meaning they have access to the victim’s email addresses, physical address, payment information, and so on. Hackers can even change the password, change the security questions, and enable two-step verification if it’s turned off.

Recommended Videos

Additionally, hackers can log into iCloud and cause all kinds of havoc, such as accessing the victim’s contacts, email, stored photos, and getting access to iCloud Drive. Thus, the whole ransomware scheme is somewhat small when compared to the damage hackers can do when they have access to Apple ID credentials.

Related

Chances are, hackers are acquiring Apple ID information because customers are using the same password across multiple services and websites. When one gets infiltrated, hackers will use that information to possibly gain access to the other sites and services used by the victim. This is why two-step verification is important, along with using numerous passwords.

By using Apple’s two-step verification system, customers can have their iPhone or iPad serve as a secondary login device. For example, when users try to access their Apple ID account online, they are required to provide the email address and password as usual. However, Apple will supply a registered device with an SMS message containing a verification code that also must be entered. This should keep hackers out of the customer’s sensitive Apple ID and iCloud accounts.

Ransomware is typically associated with Windows and Android-based devices, not Apple’s iPhone or iPad. The very first “fully functional” ransomware on a Mac was reported back in March by Palo Alto Networks. The Transmission BitTorrent client installer was found to be infected with “KeRanger” ransomware signed with a valid Mac app development certificate. Prior to that, FileCoder was discovered by Kaspersky Lab back in 2014, but it was deemed as incomplete.

Essentially, KeRanger encrypted specific files and demanded that the victim cough up around $400 through a provided email address in order to regain access to those files. After the report, Apple revoked that particular development certificate and updated the XProtect antivirus signature. Palo Alto Networks provided a list of steps for removing the ransomware, including using Terminal or Finder to delete the infected Transmission files.

What’s really cool about Apple’s Find My iPhone feature is that customers can log onto a desktop and laptop to hunt down their misplaced iOS-based mobile device. Customers can force the device to make a sound, they remotely erase the device, or turn on Lost Mode, locking it down. However, as we’ve seen with this latest ransomware trick, hackers find this an ideal way to generate some cash.

Editors' Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
There’s a big problem with the iPhone’s Photos app
The Apple iPhone 15 Plus's gallery app.

While my primary device these days continues to be my iPhone 15 Pro, I’ve dabbled with plenty of Android phones since I’ve been here at Digital Trends. One of my favorite brands of phone has been the Google Pixel because of its strong suite of photo-editing tools and good camera hardware.

Google first added the Magic Eraser capability with the Pixel 6 and Pixel 6 Pro, which is a tool I love using. Then, with the Pixel 8 series, Google added the Magic Editor, which uses generative AI to make edits that wouldn’t be possible otherwise. There are also tools like Photo Unblur, which is great for old photographs and enhancing images that were captured with low-quality sensors.

Read more
Why you should buy the iPhone 15 Pro Max instead of the iPhone 15 Pro
Someone holding an iPhone 15 Pro Max outside on a patio, showing the back of the Natural Titanium color.

If you want the best iPhone money can buy in 2024, you have two options: the iPhone 15 Pro and the iPhone 15 Pro Max. They have the same chipset, similar display technology, nearly identical cameras, etc. It's a really close battle, save for the fact that the iPhone 15 Pro is $200 cheaper.

It might be tempting to save some cash and choose the iPhone 15 Pro, but I recommend you splurge for the larger (and more expensive) iPhone 15 Pro Max. Why? Let me explain.
It's a big iPhone you won't hate using

Read more
This one thing could make iOS 18 the best iPhone update in years
The Home Screen on the iPhone 15 Pro Max.

Apple’s WWDC 2024 is just a couple of months away. As with every WWDC, we’ll see what Apple has in store for the next generation of software across its hardware portfolio, including the iPhone with iOS 18.

Rumors have been swirling about iOS 18 and how it will be “one of the biggest updates yet.” We know some features like RCS support in Messages are definitely coming, with other whispers of big home screen customization changes and more.

Read more