A number of users in Australia woke up yesterday to find their i-devices hacked by someone “Oleg Pliss” demanding a ransom of $100 / €100 in a PayPal account to leave the device unlocked. There is a real Oleg Pliss and he is mechanical software engineer who works at Oracle but is definitely not this hacker.
The violation for the purpose of money via ransomware has been confirmed by its users Apple Community Support , where a customer (named veritylikestea in the Apple forum) relays his experience as follows:
"I was working with my ipad a while ago, when it suddenly locked itself, without me asking him to do so. I went to check my phone and there was a message on the screen (it's still there) saying that my device (s) was hacked by "Oleg Pliss" and he / she demanded $ 100 USD / EUR […] to return it to me ”.
I have exactly the same problem, with the same message from "Oleg Pliss", writes another user named Rojmer. "I guess I can delete everything on my phone, but can something better be done than that?" I have changed my password in iCloud ".
iPad, iPhone and Mac computers in Queensland, NSW, West Australia, South Australia and Victoria have reported being held hostage.
Of course, one security solution that will prevent hackers from holding you hostage is to use two-factor authentication factors which Apple offers to its customers according to http://support.apple.com/kb/ht5570.
The Sydney Morning Herald he says that the IT security expert Mr Troy Hunt says hackers use missing login credentials from recent data breaches. In essence, this is done: Using the same password on multiple online services may put you at risk.
"It's very possible that all this is happening because some people are using the same password they found on another service” said Mr. Hunt. "Whether you think it's very hard for someone to guess a password, if it's been exposed to another service, or you've been exposed to unencrypted data, then you're putting every other service that has the same password at risk."
