Russian hackers involved in Apple device hijacking and ransom arrested by police

article thumbnail

Russian police on Tuesday said they arrested two hackers supposedly responsible for "hijacking" Apple products via Find My iPhone, locking owners out until they pay a ransom to regain access.

According to a statement from Directorate K, the Russian Interior Ministry's cyber crime arm, the alleged hackers could face up to two years in jail if found guilty of perpetrating the hijackings, reports Re/code.

Directorate K would not disclose how many Apple product owners had been hit by the attacks and declined to comment on whether the victims were nationals or foreigners. Since the hackers went through Apple's iCloud, they could potentially have hit targets anywhere in the world.

The ministry believes the attackers used Find My iPhone to break into users' devices and lock them remotely. Instead of using brute force or password reuse, the department said the pair of alleged hackers relied on two main scams.

"The first involved gaining access to the victim's Apple ID by means of the creation of phishing pages, (gaining) unauthorized access to email or using methods of social engineering," the ministry said. "The second scheme was aimed at attaching other people's devices to a prearranged account."

The latter scheme relied on offering Apple IDs with attached media content for rent, thus allowing the hackers to take control of a target device.

While the statement failed to recognize a series of recent attacks outside of Russia, the arrested hackers' tactics are identical to those used to break into iPhones, iPads and Macs in Australia, New Zealand, the U.S. and Canada.

At the time, multiple users reported being locked out of their Apple devices through Find My iPhone's remote lock feature. A message sent to many devices read, "Device hacked by Oleg Pliss," and directed owners to pay up to $100 to a Russia-based PayPal account for a device unlock.

For its part, Apple released a statement days after the hijacks were first reported, saying iCloud was not compromised in the scam.


Latest News