ALERT: iPhone CryptoLocker
Cryptolocker has already found a way to target Android phone, and now they have found a way to hold iPhones and iPads hostage as well.
An attacker using the name “Oleg Pliss” is exploiting the “Find My iPhone” feature to launch the attack. So far, there is no explanation of how the attacker got hold of the iCloud accounts used to lock the devices.
Currently, there are four explanations possible:
- A classic phishing attack. People were lured to an Apple phishing site (there are 2,261 of them) and entered their credentials.
- A data breach at Apple, but Apple denies that their iCloud service has been breached.
- Possibilities of DNS poisoning, meaning people entered the correct Apple domain, but were subverted to a fake site, and entered their credentials there.
- There is also the scary possibility that hackers are in possession of usernames and passwords from another databreach like eBay or Target, and are attacking users that use the same credentials for their iCloud account.
The device will simply lock itself, and a message will appear stating “your device has been hacked by Oleg Pliss” and demands money sent to a PayPal account in order for the phone to be returned.
Many people do not know that Technology by Design offers antivirus, anti-malware and site protection for your mobile devices, such as smartphones and tablets.
Site protection does not put additional strain on your battery and blocks malicious sites and attacks, however it doesn’t clean your mobile device if it gets infected. Having either site protection or antivirus would be prudent, but having both would give you full protection. For more information on how we can help prevent this kind of incident, please call 204-800-3166, or email helpdesk@tbyd.ca.
You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.
Leave a Reply