My devices have been hacked. What do I do?

One thought: it seems that everyone replying so far is in Australia or New Zealand. One possible reason for this would be if you all are using some e-mail service provider local to that part of the world - such as the e-mail addresses provided by a local internet service provider - and have those e-mail addresses associated with your Apple IDs. If that's the case, that e-mail provider might have been hacked, allowing the hackers to reset the passwords on those Apple IDs if they weren't already protected by two-factor authentication.

You should all consider changing the passwords on any e-mail accounts provided by a company in those countries.

Three devices all hacked, one with a pass code. Though interestingly the fourth linked device wasn't impacted (go figure). I'm in WA and it hit around 3am. Waiting for the apple store help line to open.

I'm assuming different carriers were impacted and not just one, ie iinet, or vodaphone etc????

Anyone tried resetting an iPhone to get in?

Okay, so at least two people are using non-local e-mail accounts, so that shoots that theory.

How about internet service providers (ISPs)? I know nothing about the available providers in that part of the world, but if everyone is using the same ISP, this could be the result of a domain name server hack. A domain name server (DNS) is a server used to convert a human-readable address (www.apple.com) into a numeric IP address (17.172.224.47). If a DNS gets "poisoned," it can contain entries that map the human-readable address to a malicious IP address.

If this happened with a major ISPs DNS in that part of the world, affected users who provided a username and password on what they thought was Apple's site may actually have provided it to hackers. It may be a good idea to use an alternate DNS for the next few days, just in case, until the cause is determined. Try theOpenDNS servers or Google DNS servers.

kazza62 wrote:

I have an iphone too and to this minute has remained inaffected but should i turn off the 'find my phone' feature to protect me from being hacked?

No, I would leave it on, but change your iCloud password with a strong password and enable passlock on your iPhone.

no i dont know the password the hacker used.

i dont use the same password for ebay and have changed it to another different password since recieving that warning from ebay

using telstra - bigpond

never used icloud, didnt even realise i had set it up

Husband has spent a fair while on phone to apple support this morning so they are aware of the situation. iPhone still not working though, expecting a call back in an hour to resolve this. Pretty sure it's not linked to email providers or ISP as we are on satellite broadband here.

I had a slightly different experience.

I woke up at about 3am to the phone making odd beeping noises and noticed that the screen and bluetooth were on (I never use bluetooth). On closer inspection "they" had a bunch of incognito windows open in Chrme with an attempt to reset my Amazn password, along with just a bunch of garbage sites. They'd also replied to a few (noreply) email addresses with just garbage (eg, CzTwice vs ; ).

Seems like they visited a bunch of sites from my history, but as far as I can tell they didn't do anything actually useful to them (as far as I can tell). I've since reset the majority of my passwords and put a lock code on the phone.

Whether it's the same hack that everyone else in here has been caught with (I'm in Melbourne), and I just caught them mid way through the act, I don't know, but either way there's a lot of hacking going on!

iPad fixed, iPhone now fixed too - restored each from recent backups. Can't change the AppleID password as DW can't remember her security questions 😢. Waiting for Apple to call on that front - have in the meantime put passcodes on both devices and turned 'find my iphone/ipad' off on both. Hopefully we're sorted. Will implement two step authentication too.

Good luck to all affected!

lilmky2 wrote:

How many use the same password that they used on Ebay? Just wondering if that breach caused this one?

Not likely, as this breach seems to only be affecting Australians and New Zealanders, as far as I know.

analogue cheese wrote:

iPad fixed, iPhone now fixed too - restored each from recent backups. Can't change the AppleID password as DW can't remember her security questions 😢. Waiting for Apple to call on that front - have in the meantime put passcodes on both devices and turned 'find my iphone/ipad' off on both. Hopefully we're sorted. Will implement two step authentication too.

Good luck to all affected!

I also cant remember one of the questions - its not a question i would usually set - so i'm thinking they've changed it so i can't get back in.

Be careful with icloud and erasing,

A user who received this hack has erased their iphone from iCloud after seeing it set in lost mode and it appears as though its also erased the iphones icloud backup?

Does this sound right, they believe that when erasing the iphone from icloud it did not state anything about deleting backups, just erasing the phone itself.

Now they are unable to restore the device and have to start fresh,

Can anyone back this up ?

You don't need to erase the device from iCloud, nor do you need to remove it from your account.

All you need to do is take it out of lost mode and follow the instructions listed here.

Apple Devices Hacked Overnight

I also cant remember one of the questions - its not a question i would usually set - so i'm thinking they've changed it so i can't get back in.

hmm - didnt think of that. wife too claims the questions aren't ones she'd normally plump for. hopefully disabling find my iphone on the device will mitigate some risk for now. I guess they can still run rampant through the icloud account.