Ransomware hits the iPhone

Details are a little sketchy, but apparently a Russian hacker has figured out a way to lock users out of their iOS devices allegedly by compromising their iCloud accounts, then using the Find My iPhone feature to lock said devices unless a ransom if paid via PayPal. PayPal meanwhile says that the account that the ransom is paid to does not exist.

Traditionally ransomware encrypts hard drives with strong encryption, the excellent Neil Gaimen book ReamDe took the ransomware concept a step further and also silently encrypted any external drives connected to the infected machine.

In the case of the iOS devices, doing a Restore To Factory Settings then restoring the most recent backup is sufficient to get past the lockout.

So far this is mainly isolated to Australia and New Zealand, though the article says someone in England was hit. It appears that a database of Mac users was compromised and some people were using the same password for their iCloud account, thus giving the crooks an avenue for access.

If anything, this is an excellent illustration of why you should use different passwords for different accounts.

http://www.ibtimes.co.uk/iphone-ipad-users-held-ransom-by-hacker-australia-1450096