Skip to main content
  1. Home
  2. Mobile
  3. News

Report: Hackers are holding iOS devices for ransom through Find My iPhone

By

LuMee Selfie Light Case
Image used with permission by copyright holder
There’s a new ransomware trick in town, and it’s aimed at iOS device owners and their Apple ID accounts. Dutch site AppleTips reports that hackers who have managed to gain access to a victim’s Apple ID credentials are using the Find My iPhone feature to lock the devices down and demand $50 in return for providing access. The ransom-based message appears on the iPhone or iPad’s lock screen, and includes an email address.

The good news here is that the iOS device that’s held hostage can be released from its captors simply by entering the passcode or using Touch ID. The bad news here is that the hacker has control over the user’s Apple ID account, meaning they have access to the victim’s email addresses, physical address, payment information, and so on. Hackers can even change the password, change the security questions, and enable two-step verification if it’s turned off.

Recommended Videos

Additionally, hackers can log into iCloud and cause all kinds of havoc, such as accessing the victim’s contacts, email, stored photos, and getting access to iCloud Drive. Thus, the whole ransomware scheme is somewhat small when compared to the damage hackers can do when they have access to Apple ID credentials.

Related

Chances are, hackers are acquiring Apple ID information because customers are using the same password across multiple services and websites. When one gets infiltrated, hackers will use that information to possibly gain access to the other sites and services used by the victim. This is why two-step verification is important, along with using numerous passwords.

By using Apple’s two-step verification system, customers can have their iPhone or iPad serve as a secondary login device. For example, when users try to access their Apple ID account online, they are required to provide the email address and password as usual. However, Apple will supply a registered device with an SMS message containing a verification code that also must be entered. This should keep hackers out of the customer’s sensitive Apple ID and iCloud accounts.

Ransomware is typically associated with Windows and Android-based devices, not Apple’s iPhone or iPad. The very first “fully functional” ransomware on a Mac was reported back in March by Palo Alto Networks. The Transmission BitTorrent client installer was found to be infected with “KeRanger” ransomware signed with a valid Mac app development certificate. Prior to that, FileCoder was discovered by Kaspersky Lab back in 2014, but it was deemed as incomplete.

Essentially, KeRanger encrypted specific files and demanded that the victim cough up around $400 through a provided email address in order to regain access to those files. After the report, Apple revoked that particular development certificate and updated the XProtect antivirus signature. Palo Alto Networks provided a list of steps for removing the ransomware, including using Terminal or Finder to delete the infected Transmission files.

What’s really cool about Apple’s Find My iPhone feature is that customers can log onto a desktop and laptop to hunt down their misplaced iOS-based mobile device. Customers can force the device to make a sound, they remotely erase the device, or turn on Lost Mode, locking it down. However, as we’ve seen with this latest ransomware trick, hackers find this an ideal way to generate some cash.

Editors’ Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…

My first week with the iPad mini (2024) was fantastic and frustrating
Rear shell view of the 2024 iPad mini.

The iPad mini is arguably the most polarizing product in Apple’s portfolio. There’s a segment of die-hard fans that would pick it over any other device in its class, and then there’s another group that can’t quite figure out what exactly it can deliver in terms of meaningful utility.

Reading? Check. Is it good for note-taking? It’s probably the world’s best little diary. What about gaming? It can blaze past the best titles out there. All that excellence can be yours for a cool $500, at the very minimum.

Read more
Apple Intelligence is coming to these languages in April
Apple Intelligence on the Apple iPhone 16 Plus.

Public access to certain features of Apple Intelligence is rolling out to users with the iOS 18.1, iPadOS 18.1, and macOS 15.1 updates. However, even if you are fortunate enough to gain early access, the service is currently only available in U.S. English in select countries. That is expected to change in the coming weeks and months.

According to GSMArena, Apple plans to add local English variants in Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. in December. Most recently, it was confirmed that starting in April and continuing throughout 2025, Apple Intelligence will gain support for Chinese, English (India), English (Singapore), French, German, Italian, Japanese, Korean, Portuguese, Spanish, and Vietnamese. April is also when the EU will see its first Apple Intelligence release.

Read more
I was wrong about the iPhone 16
An iPhone 16 laying on a shelf with its screen on.

The iPhone 16 is a little over a month old, and I've been using it almost nonstop since it was announced last month. I reviewed the phone for Digital Trends and bought one with my own money as my personal phone of choice.

Not long after its unveiling, I wrote an op-ed complaining about the iPhone 16's lack of a 120Hz display. I said it was the "one thing holding back the iPhone 16" and that its 60Hz screen was "an unreasonable spec." I'd still like to see the refresh rate addressed with the iPhone 17, but after living with the iPhone 16 for over a month now, I've found that it's not nearly as big of an issue as I believed it would be.
A 60Hz screen matters, until it doesn't

Read more