My devices have been hacked. What do I do?

We are all seeing that pink message. That happens when a post is blocked by the moderators for whatever reason, generally being inappropriate, but there could be other reasons. Do not worry about it.

(Also wondering why this thread is dying down - no other US people affected?)

I've heard reports of a very few people outside the Australia/New Zealand area who saw this same behavior. But no widespread cases anywhere outside that area, to my knowledge. What's going on is anyone's guess at this point - and most of the guesses so far have been shot down - but there still seems to be a strong association with that part of the world.

Greg Earle wrote:

At the top of the page/thread I'm seeing
..
Anyone else seeing this?

Any posts that are removed by the foprum moderators are not simply deleted.

They are dumped into some place only the forum moderators can access.

The line at top simply shows that a/some posts have been removed (but not why).

Opsystem wrote:

According to news sites around the world reporting on this attack. The exploit uses the “Find My iPhone” feature, which allows users to remotely lock their iPhones and iPads via iCloud in case the devices are lost or stolen.

It is likely being reported because one "news" site saw this thread and all the other "news sites" jumped on their same story, not because these "news sites" actually did any research.

Its been well reported that Ebay and Adobe were hacked, but there is nothing in that article that says Apple wasn't breached. There are accounts of users with passwords unique to iCloud who have been hacked , so I would say the jury is still out.

No one I know who was hacked uses the same password for eBay, Adobe and Apple. This is a smoke screen. The three devices we had hacked didn't have eBay accounts associated with them - they belonged to kids. None of our kids knows the password associeted with their iTunes/App store account - a security measure to ensure that in app purchasing doesn't get out of hand. Each of their phones uses a different paswword unique to that account, not used elsewhere. They did have the find friends app active, not just the find my phone app. We like to keep track of our kids. No one seems to be mentioning the Find Friends app.

lozzab22 wrote:

I have an unlocked iphone originally from Australia, but its now with me living in Toronto, Canada

I have the feeling that those few people reporting this from outside the Australia/New Zealand area will be the key to finding the cause. Are you using any kind of VPN service on the phone? What company handles the phone's cell/data service? Anything you can think of might be helpful!

The only weird thing about my wife's is that she got one via a corporate gift program, but her other iPad was ordered from the US. Neither of us have been to AUS/NZ nor do we use a VPN. Her devices are wi-fi only so no carrier. I have no idea where the corp gift program gets them from...

My wife recieved the above suspect Phishing email on the 16th of May. She sensibly deleted it. I wonder if others clicked through? We are in the UK BTW.

@Opsystem Where did the link actually lead to? Can you give us a rough idea (while perhaps not posting the actual phishy URL)? That sounds like a good lead. Odd if it was only people in Australia who clicked through on it though.

That is probably a real letter from Apple, check the mail header on it. The link in the letter would allow you to login.

You can log into your iTunes account yourself on your computer and see if that purchase is showing up in your account. Also check whatever credit card you use with your account.

From reading through all the posts, it seems that it's safe to say it's NOT just Australia and New Zealand, but, certainlly all of the victims have been in primarily English speaking countries, which would further imply that whatever was exposed or breached or compromsied would also be related to that demographic. Without knowing every online service and every application of every victim, we may not have enough data to pin down the commonality between them all.

Regardless; it's clear that by using passcodes, or, better, passphrases on your iOS based devices, as well as having a strong password on your iTunes/iCloud account (managed with something like 1Password) will help.

As I recall there are about 4 people who are not currently in Australia/New Zealand, and 2 of those had Australian connections. Don't think there are enough non-residents to say it is outside of that area and as thomas_r said they may be the key to the issue.

Opsystem wrote:

Dear Apple Customer, Your Apple ID was just used to purchase "Skype credit 20$" from the iTunes Store on a computer or device that had not not previously been associated with that Apple ID. You may also be receiving this email if you reset your password since your last purchase. This purchase was initiated from 217.149.182.125 (Volgograd, Russia). If you made this purchase, you can disregard this email. It was only sent to alert you in case you did not make the purchase yourself. If you did not make this purchase, we recommend that you urgently check your Apple ID: Apple ID (the link was in this text but I cleared it) Remember, that Apple will never asks you to provide your secure details by e-mail or phone. Yours sincerely, Apple Inc#.

My wife recieved the above suspect Phishing email on the 16th of May. She sensibly deleted it. I wonder if others clicked through? We are in the UK BTW.

It's probably just a coincidence. There are many peolpe affected by this who would not have fallen for a scam like that.

I am in Aus, and I too was hacked. Nothing that anyone here has noted as 'causes' is relevant to me - totally different ebay password, didn't click on the email link etc. I have 2 ipads and 1 x phone - have reset the phone and 1 x ipad, but am holding off on the second as there is some info on there that I really don't want to loose if possible. Has anyone anywhere come up with a 'fix' yet so that I con't have to restore?