iCloud hackers who held iOS devices ransom detained in Russia


The Sydney Morning Herald reports that Russian authorities have detained two young hackers for hijacking iOS devices through iCloud and holding them for ransom. The suspects, both residents of the Southern Administrative District of Moscow, are a 23-year-old named Ivan and an unnamed 17-year-old who served as his accomplice.

Russia’s Ministry of Internal Affairs announced on Monday that the hackers were detained during the course of “operational activities” by the Russian Interior Ministry. The hackers were caught on closed-circuit TV after attempting to withdraw a ransom payment from an ATM. The ministry also noted that one of the suspects has already been tried before…

The 23-year-old Ivan is “madly keen on computers and hacking,” according to the Russian media outlet MKRU. “The young man never studied or worked and was always looking for easy ways to make money,” the publication said of him. Not much is known about his accomplice, outside of the fact that he is six years younger than Ivan.

After searching their apartments, Russian authorities seized PCs, SIM cards, phones, and literature on hacking from the hackers. The report claims that both hackers confessed, although it still isn’t fully clear whether they were responsible for the ransom attacks in Australia or for a similar hack that some Russian users fell victim to just days later.


A few weeks ago, some iPhone and iPad users in Australia turned to the Apple Support Communities to report a mysterious message locking them out of their devices. Hackers had managed to remotely lock devices through iCloud, and then demanded payment of between $50 and $100 to relinquish control. The alias “Oleg Pliss” was used, and an email address was provided for payment.

Apple soon confirmed that the hack was not the result of an iCloud breach:

Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services. Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.

It was initially believed that recent security vulnerabilities on the web, such as the Heartbleed bug, had allowed the hackers to carry out the attack. In actuality, the Russian Ministry of Internal Affairs has confirmed that the duo was able to gain access to Apple ID accounts through phishing websites, unauthorized email access and social engineering techniques.

The hack also involved a pre-arranged iCloud account:

“The pre-arranged account was one that hackers owned and then ‘leased’, or sold, to users that offered a bunch of movies and music on it. But in order to access the content, users needed to link their devices to the account, which left it vulnerable to being hijacked by hackers who knew its log-in details.”

These recent hacks emphasize the importance of maintaining your security online. It is highly recommended that you regularly change your password and enable two-step authentication on your account. If you want to go one step further, it might be worth looking into a password manager like 1Password for generating and storing unique passwords across all services.