Updated 2:12 PM EST, Wed, Jan 29, 2020

Make CT Your Homepage

Scam Alert: Cyber-Kidnappers Lock iPhones for Ransom

iPad in use

iPad in use

Cybersecurity experts warn that hackers have launched a cyber-kidnap-for-ransom attack on Apple devices which involves remotely locking iPhones and iPads and then demanding ransom money from owners to  have their "hostaged" devices unlocked.

The ransomware scam was reported by iphone owners in Australia via tweets and posts on the Apple forum saying they woke up Wednesday to see that their Apple devices have been locked and they have received ransom demand notices.

Like Us on Facebook

One such ransom demand read, "Device hacked by Oleg Pliss. For unlock device, you need send voucher code by 100 usd/eur (Moneypack/Ukash/PaySafeCard) to for unlock."

There is no indication that the cyber-kidnappings resulted from any compromise of Apple servers, but experts believe hackers seem to have found a way to compromise Apple IDs and passwords so they can remotely lock connected devices using Apple's Find My iPhone service.

Cyber-theft expert Robert Siciliano told ABC News that the attack may have emanated from a single place where people go online to access their iCloud or mac accounts, thus exposing their logon credentials to hackers.

Siciliano explained that the hackers can then use people's iCloud credentials to create exact clones of their devices.

Experts say a person can tell if his iPhone or iPad is being held for ransom since commandeered devices typically emit a loud tone. This tone emanates from a feature that helps users locate lost or stolen devices. A text message demanding ransom can then be expected.

Users are advised to use long, randomly generated passwords unique to their iCloud account to prevent ransomware attacks. They should also enable two-factor authentication and assign a separate, randomly generated password for each iPhone and iPad they own.

Failure to do so will mean that once remotely locked, a ransomed device can only be unlocked by a factory reset that completely erases all of the user's stored data and apps.

Ransomware scams first hit Windows Phone users and smartphone users running Google's Android OS. 

Real Time Analytics