Russia Arrests Two Over Apple Ransomware

The recent spate of ransomware attacks against users of Apple devices has ended with two people being arrested in Russia.

According to reports, the two unnamed hackers “confessed” to the attacks that charged users a $100 (£59.60) fee to unlock their devices.

Ransomware Attack

The ransomware attacks in May were said to have targeted Apple device owners, mostly limited to Australia. However some Apple users in the UK, New Zealand, and America were also reportedly affected.

According to an official statement (Google translation) on the Russian Ministry of Internal Affairs website, the suspects live in Moscow. They first created a “phishing” site in order to collect iCloud logins (i.e. a website that looked like the iCloud website), then used those logins to lock down victims’ iPhones, iPads or Macs.

Apple previously said that the attacks didn’t mean its iCloud system was compromised, and the login details of the victims must have been coming from elsewhere. It is currently unknown how many people were affected by the ransomware.

According to the Guardian newspaper, Australian victims simply woke up one morning to find a message on the device which said it was locked. A message reportedly said “Device hacked by Oleg Pliss”. In order to unlock the device, users were told to pay a ransom of $100.

It seems that the hackers utilised the “Find my iPhone/iPad/Mac” functionality of the iCloud system, which allows people to locate their device from any web browser. The hackers exploited the feature, which enables the device to be remotely locked, wipe the data, or display a custom message.

Little is known about the two people arrested. The perpetrators are said to have been born in 1991 and 1998, which makes them 23 and 16. One of the suspects has reportedly been arrested before. Police from Russia’s “Department K of the Russian Ministry of Internal Affairs” also seized computers, sim cards, and phones, as well as “literature on hacking computer systems.”

The two are also said to have operated another scheme, where they would connect a new device to a hijacked iCloud account. They would then use this compromised account to acquire large amounts of media (i.e. films or music) and then advertised it for sale online.

Apple Security

Whilst Apple has a good record on security on the whole, it is not invulnerable to attacks.

Chinese hackers were suspected of carrying out an attack on Apple using a Java exploit last year. The company admitted a number of its employees’ Mac machines had been compromised.

And last July, hackers managed to breach the member centre on Apple’s main developer website.

What do you know about Internet security? Find out with our quiz!