Hackers Target Macs and Hold Locked Devices for Ransom

Hackers have managed to remotely lock Macs and hold the devices for ransom.

The latest string of malicious attacks involves hackers remotely locking Macs and then demanding a ransom from their users.

Up until now, Macs have been mostly invulnerable to attacks.

This latest attack relies on the targeted user’s Apple ID and password. With these, an attacker can remotely lock a Mac with a passcode through the popular Find My iPhone feature. The hackers choose the passcode themselves, which essentially locks the user out of the device. The attack works even when two-factor authentication is enabled, since Apple disregards this feature in its Find My iPhone app. This is mainly because a user who accesses the app has usually lost their primary device.

After the device is locked, users typically receive messages from the responsible hackers demanding a ransom in exchange for unlocking it. The attacks don’t seem coordinated and have to date only affected a small number of people. They are presumed to be carried out by individual hackers.

The latest hack is not unlike the attacks we’ve seen befall Bitcoin wallet users, where every attack seems individual and unique: some wallets might receive no transactions, and others only a single transaction.

Researchers are still unsure how attackers get hold of certain individuals’ iCloud login credentials, although they have confirmed that it was not a fault on the part of Apple’s servers. It seems likely that hackers gathered this information from breaches on other sites and possibly third-party services. In most cases, targeted users used the exact same information for their iCloud login details and several other online accounts.

While the attacks have had a relatively low impact, they are enough cause for concern for iOS users. The first attack was recorded in early September, though the tactic itself has quite commonly been used.

To help prevent the attack, security experts gave concerned iOS users some valuable tips.

Experts advise users to first change their Apple ID password, especially if it’s a password they use across multiple platforms.

  • In addition, iOS users can enable two-factor authentication, if they’re not using it yet.
  • Users who suspect that they may have been hacked can confirm this by visiting the website HaveIBeenPwned.com.
  • Although it is troublesome, experts suggest using a different password and username for every online profile you have. You can easily use platforms like 1Password and iCloud Keychain to help you generate and remember passwords for every site.

If you have fallen victim to the latest Mac attack, your device will likely need to be wiped or restored in order to remove the lock. You are encouraged to seek help from authorized Apple staff to do this.