Australian Apple devices, including the iPhone, are being hijacked by a hacker and held ransom. Photo: Getty Images
Owners of Apple devices across Australia are having them digitally held for ransom by hackers demanding payment before they will relinquish control.
iPad, iPhone and Mac owners in Queensland, NSW, Western Australia, South Australia and Victoria have reported having their devices held hostage.
One iPhone user, a Fairfax Media employee in Sydney, said she was awoken at 4am on Tuesday to a loud "lost phone" message that said "Oleg Pliss" had hacked her phone. She was instructed to send $50 to a PayPal account to have it unlocked.
What part of the hacker's message looks like on an iMac screen.
It is likely hackers are using the unusual name as a front to get money from people. A real Oleg Pliss is a software engineer at tech company Oracle. A similar name is listed on LinkedIn as a banking professional in Ukraine, while there are others in Russia.
Affected users in Australia have been discussing the issue on Twitter and Apple's own support forum.
Ok just got a 'found your phone' email from Find my iPhone, then got a message on my phone to say it had been hacked. Should I be worried? — Athanae Lucev (@athanaelucev) May 26, 2014
Has anyone had their phone weirdly hacked through unprompted use of Find My iPhone? — Ms Mindy Chops (@mindychops) May 27, 2014
Woken up at 2am by hacked 'Find My iPhone' asking for money, no sleeping after trying to sort that out so at work at 6am: Today will be fun. — Casey Maree (@_caseymaree_) May 26, 2014
my phone and ipad have been hacked overnight, message on screen says "your device has been hacked by oleg pliss... http://t.co/fFiwPksX7o — Eva Goes (@Eva53) May 26, 2014
@ashermoses @Devar This happened to my mum's iPad last night. I changed her iCloud password and took the phone out of lost mode, locked tho — Matt (@abstractg) May 27, 2014
Users who have a passcode on their device appear to be able to unlock it after the hacker has sent them the message demanding payment, but those who had not set a passcode are unable to.
Do you know more? Email email@example.com
Dozens of others across the country reported similar early morning messages.
A Melbourne Apple user reported the issue affecting their iPad. "I was using my iPad a short while ago when suddenly it locked itself," the user, "veritylikestea", wrote on Monday.
"I went to check my phone and there was a message on the screen ... saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by Paypal to firstname.lastname@example.org) to return them to me. I have no idea how this has happened."
A PayPal spokesman said there was no PayPal account linked to the email address the hacker used.
The spokesman added that any money that may have been sent by victims would be refunded.
Those with iPhones say they have been calling Telstra, Vodafone and Optus to try to fix the issue. Some have been calling Apple directly.
"Vodafone kept saying 'iPhone can't be hacked,' " one Apple user, "Shleighbo", wrote.
"Rang Telstra and they said it is an Apple issue," another, "georgie81", said.
"The Optus tech support was not helpful," said yet another user, "Bettybam".
Comment is being sought from Apple.
A Telstra spokesman said the telco was aware of the reports and had referred the matter to Apple.
"In the meantime customers who need assistance can contact Apple Care," the Telstra spokesman said.
Vodafone said no customers had reported the issue to its support centre.
Optus said if customers had any questions about their Apple devices, they "should speak directly to Apple".
The Australian Competition and Consumer Commission, which runs the federal government's Scam Watch website, said only one user had reported the issue to it so far.
Troy Hunt, an IT security expert, speculated that hackers were using compromised login credentials from recent data breaches to access accounts and lock users out.
As is often the case, web users largely use the same password across their multiple online services, meaning that if their password is compromised in a breach at one firm and they do not change it, their other accounts become vulnerable.
"It’s quite possible this is occurring by exploiting password reuse," Mr Hunt said. "Regardless of how difficult someone believes a password is to guess, if it's been compromised in another service and exposed in an unencrypted fashion, then it puts every other service where it has been reused at risk. Of course it also suggests that two-factor authentication was likely not used as the password alone wouldn't have granted the attacker access to the iCloud account."
Two-factor authentication can be enabled on Apple accounts by visiting: http://support.apple.com/kb/ht5570. It acts as a second layer of security by making users have to enter a code that is sent to their mobile device before they are granted access to their account.
It is recommended affected users contact Apple directly to regain access to their account. If the hacker has set a passcode on iPhones, instructions on how to bypass it can be found at: http://support.apple.com/kb/ht1212.
Once users regain control of their accounts, it is recommended they change their passwords.
A similar type of hack was used by criminals to delete a Wired journalist's digital presence in 2012, resulting in all files kept on his Mac and iPhone being destroyed.
Malicious software, known as "ransomware", is also a popular tool used by online criminals to extort money from users by scaring them into thinking the police is after them for either child abuse or copyright infringement offences.