Starting in May 2014, several Apple device users throughout Australia and the U.S., as well as a few from the U.K. and New Zealand, have been running into a bit of trouble when their devices were unexpectedly locked and held for ransom. These victims found an unusual lock screen on their devices that informed them that someone called “Oleg Pliss” had locked their devices. According to the message, Oleg Pliss demanded a payment of anywhere from $50 to $100 (or 50 to 100 euro) via PayPal, MoneyPak, or Ukash for the device to unlock.
The “Find My X” ransomware didn’t involve installing any malware; rather, it was simply a con that preyed on people’s naiveté and utilized features built into iOS. First, people were scammed into signing up for a fake video service that required entering their Apple ID. Once they had the Apple ID, the hackers would create iCloud accounts using those IDs. Then, they would log in to the “Find My iPhone” feature—a feature that allows iPhone users to lock and locate a stolen or missing phone—to lock the owners out of their own devices. In other words, this means that hackers who have access to a victim’s iCloud credentials are basically doing what a person normally would do with the “Find my X” feature—they are just using this feature against their victims and taking advantage of them in an effort to profit from it.
Of course, this ransomware is not just limited to iPhone Malware. The hackers who use it also target Mac computers and use the “Find My Mac” feature in the exact same way. iPads are not immune to attacks from this ransomware, either, as the “Find my iPad” feature is also fair game to these cyber criminals.
Those whose devices could be potentially targeted and locked by these cyber criminals are recommended to disable the “Find My X” feature from their respective devices. People could also protect their devices by using strong passwords that are difficult to crack—passwords involving letters, numbers, and special characters. Furthermore, experts suspect that people who reuse a password that has been used for different accounts and services that have suffered from data breaches in the past (like iCloud, for example) are at a higher risk of being targeted by this malware.
It is presently unknown how many people were affected by this ransomware, but in June, the Russian police arrested two people who admitted that they were responsible for operating the Find My X ransomware.