Some iOS devices hijacked and held hostage in Australia

Oleg Pliss

A growing number of iPhone, iPad and Mac users in Australia are turning to the Apple Support Communities and Twitter to report incidents of their device being remotely locked through iCloud. In some cases, a fraudulent message appears through the Find my iPhone service demanding payment between $50 and $100 to someone named Oleg Pliss for the device to be unlocked… 

iPad user veritylikestea wrote the following on the Apple Support Communities:

“I was using my iPad a short while ago when suddenly it locked itself, and was askiwhich [sic] I’d never previously set up. I went to check my phone and there was a message on the screen (it’s still there) saying that my device(s) had been hacked by ‘Oleg Pliss’ and he/she/they demanded $100 USD/EUR (sent by PayPal to lock404(at)hotmail.com) to return them to me.”

Another user ShellsBell57 and several others corroborated the ongoing issue:

“I have the exact same problem, with the same message from “Oleg Pliss”. I assume I can erase my phone, but is there anything else that can be done? I have changed my iCloud password.”

Affected users have also turned to Twitter to voice their concerns:

https://twitter.com/athanaelucev/statuses/470926027716173824

As reported by the Melbourne-based newspaper The Age, there is a software engineer and computer scientist at Oracle named Oleg Pliss, in addition to a banking professional in Ukraine and several others in Russia. It is safe to assume that a senior Oracle employee is not the source of these attacks, but rather hackers simply using a fake name.

PayPal has acknowledged that it is aware of the situation, and advises that anyone monetarily affected by this situation will be refunded. A spokesperson also confirmed that no PayPal account is linked to the email address provided by the hacker. The Australian Competition and Consumer Commission has also received one report on the issue so far. Apple has not commented on the matter.

It appears that only Australian users have had their devices held hostage, particularly those in the states of Queensland, New South Wales, Western Australia, South Australia and Victoria. It is speculated that hackers have taken advantage of recent security vulnerabilities to compromise Apple ID accounts, in turn allowing for them to remotely lock iPhones, iPads and Macs through iCloud.

How to secure your Apple ID account

Signing in to iCloud Keychain

It is highly recommended that users set a strong unique password and enable two-step verification for their Apple ID. Our own Cody Lee has written step-by-step instructions on how to setup two-step authentication for an Apple ID if you are unsure how to do so.

iPhone, iPad and Mac users can go one step further by looking into a secure password manager such as 1Password. The app features a strong password generator, authenticated encryption, cross-platform syncing, security auditing and much more.