If you are 2spyware fan on Facebook, you must have seen our post about Mac ransomware. According to various reports, it seems that it has been spread only in Australia and New Zealand. However, no one can guarantee that it won’t start affecting users from USA or Europe. Let’s take a deeper look at this phishing attack and what can be done to avoid it.
The fake message, showing that the device was affected, says “Device hacked by Oleg Pliss. For unlock device YOU NEED send voucher code by 50$/ one of this (Moneypack, Ukash, PaySafeCard) to …… for unlock”. No matter that it looks similarly to CryptoWall virus or Kovter ransomware, it seems that its appearance has nothing to do with malware. It is believed that this attack was initiated by finding a way to steal users’ iCloud credentials, activating the Lost Mode feature and then using it to lock an unknown number of Apple devices. The fun thing about this attack is that there is no PayPal account linked to hacker email, so basically there is no way to pay a ransom.
If your iPhone, iPad, Mac or other Apple device is blocked, you should try restoring it from a backup within your iTunes account. If you don’t have a recent backup, you will have to use a recovery mode and reset your device completely. Instructions how to do that can be found here. However, you should keep in mind that this will remove all of your apps and data! In order to avoid this or similar attacks, you should make sure that your iCloud credentials are secure. Please, think about two-step verification is an optional security feature for your Apple ID and always use strong, complex passwords. To know more more about two-step verification, click here.
UPDATE: As it has already been expected, Mac ransomware hits the U.S.. It’s still a mystery what countries exactly are affected. However, we have already received complains about “Oleg Pliss” hack from LA and California. Apple still denies claims that iCloud was hijacked. Nevertheless, you should still make sure that all your valuable data that is kept on your iPhone, iPad or Mac is backed up. In addition to that, you should change your iCloud password to the more complex one!