Some people in Australia have been locked out of their Macs, iPhones and iPads by someone claiming to be named “Oleg Pliss.” The attacker is demanding ransom payments of around $50 to $100, delivered to an anonymous PayPal account, according to a report by the Sydney Morning Herald.
It doesn’t seem like the attacks are related to a security flaw in iOS or OS X, and it’s unclear how attackers are getting ahold of credentials needed to access users’ Apple IDs and lock their phones, tablets and Macs using Apple’s “Find my iPhone” feature. Some people think it’s the result of attackers using data from past security breaches, while others think that they could have obtained the usernames and passwords by phishing users’ credentials.
One way or another, it seems like the attacks are only Down Under for right now, but here’s a guide to making sure they can’t happen to you.
Enable a passcode or use Touch ID on all iOS devices.
The attacker(s) are locking people out of their iPhones by using Find my iPhone to put a passcode on the victim’s device. People who already have a passcode don’t need to worry about that, since Find my iPhone locks the phone using the passcode that’s already set on it if one is available.
To avoid that fate, users just need to set up a passcode for their device, which will lockPutting a 4-digit pin on an iPhone or iPad may seem like an inconvenience, but it’ll also help prevent someone nefarious from stealing personal data on the device in the event it gets lost.
To enable the feature, users should go to Settings > (Touch ID &) Passcode and then set up the security features for their device.
Use a unique password for your Apple ID.
The attacks could be taking place because someone was able to find emails and passwords for other accounts, and then used those to break into users’ Apple IDs. The easiest way to prevent that from happening is just to use a unique password for every account you use. Otherwise, it’s possible for someone who has figured out your Facebook password to get access to your iPhone.
Enable two-factor authentication.
Two-factor authentication will help prevent an attacker from gaining access to an Apple ID, even if they have a user’s password. Here’s how it works when enabled: when someone tries to make a purchase with an Apple ID on an unrecognized iOS device, or goes to change your Apple ID password, they’ll be asked for a code that can be either displayed on a user’s pre-registered iOS device, or sent to a phone via SMS. If they can’t provide the code (which requires a device that the correct user should have on their person) they can’t get access to those password-protected areas.
Two-factor authentication wouldn’t lock an attacker out of accessing Find my iPhone in the first place, but it would allow a user to maintain control over their Apple ID, and keep an attacker from doing more harm once they had initially locked the iPhone. Here’s Apple’s guide to setting up two-factor auth, so you can do it yourself.