Australian iPhones held for ransom by mystery hacker

Users awake to find devices locked and a demand for $100.


Tim Sampson


Published May 28, 2014   Updated May 31, 2021, 6:01 am CDT

Apple users throughout Australia woke up to an unpleasant surprise early Tuesday morning. A number of Mac users say their devices have been hacked through an Apple security feature and are now being held for ransom by an unknown person.

Throughout the country, owners of iPhones, iPads and Macs all told a similar story about waking up to find an alert on their device saying it had been locked using the Find My iPhone security feature. An accompanying message from someone calling themselves Oleg Pliss demands users pay $100 to a PayPal account in order to have their devices unlocked.

Woken up at 2am by hacked ‘Find My iPhone’ asking for money, no sleeping after trying to sort that out so at work at 6am: Today will be fun.

— Casey Maree (@_caseymaree_) May 26, 2014

Ok just got a ‘found your phone’ email from Find my iPhone, then got a message on my phone to say it had been hacked. Should I be worried?

— Athanae Lucev (@athanaelucev) May 26, 2014

A search of the name Oleg Pliss turns up a number of different people, including a software developer at Oracle, though it’s highly unlikely that someone would use his or her real name for this kind of criminal activity.

Based on how these devices were locked, it’s possible that the perpetrator was able to get a hold of a list of Apple IDs and their connected password. This would explain how they were able to access the Find My iPhone feature. But exactly how this information was obtained is unclear.

One possible explanation is the tendency of many Internet users to use the same email address and password combinations across multiple platforms, notes IT Wire’s Stephen Withers. Information obtained through a security breach elsewhere could have given “Oleg Pliss” the necessary credentials to break into users’ devices. However, Computer World’s Richi Jennings reports that a number of commenters online are suggesting a direct breach of Apple’s own network. They point toward some reports from users who say they have unique passwords for their Apple ID and that they were locked out of their devices even after changing their password.

Apple itself has yet to comment on this case.

According to a spokesperson from PayPal, there is no account linked to the email address used by the hacker and any Apple users who paid the ransom will have their money refunded.

Australian Newspaper the Age advises users who’ve been impacted by the attack to contact Apple customer support to try and regain control of their devices.

H/T: MacRumors | Photo by Johan Larsson/Flickr (CC BY 2.0)

Share this article
*First Published: May 28, 2014, 6:23 am CDT