Posted by: David Harley | July 8, 2016

Ransomware and a rumoured Apple ID breach

[Also published on the AVIEN blog, where I maintain a ransomware links/information resource]

For CSO Online, Steve Ragan describes how Ransom demands are written in Russian via the Find my iPhone service. Here’s how he describes the attack:

It starts with a compromised Apple ID. From there, the attacker uses Find My iPhone and places the victim’s device into lost mode. At this point, they can lock the device, post a message to the lock screen and trigger a sound to play, drawing attention to it.

Thomas Reed also described a similar attack a few months back using iCloud’s ‘Find My Mac’.

Ragan also mentions ‘a rumor concerning “rumblings of a massive (40 million) data breach at Apple.”‘ I’ve seen no confirmation of that anywhere, but it’s certainly a good time to check that your AppleID credentials are in good shape.

Commentary by Graham Cluley here. You might want to consider taking up his suggestion of  enabling two-step verification on your Apple ID account, too.

David Harley

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: