Q: My devices have been hacked. What do I do?

I am luckly has not been hacked. This is intresting to read though.

ScottM, I've never set up a mac address to the best of my recollection. The address I use is from a free web based email service, also not set up in Australia.

Apple must do something asap!, if they can lock your phone what will stop them from locating you! im been getting msg pop up on my ipad

saying (your device is infected with a virus) msg something like that, Has this happen to anyone yet?

It looks highly likely this is an email harvesting scam. Someone has hacked into an unsecured server, somewhere in Australia, copied email and password details, and just tried logging in to their iCloud service, and gotten lucky.

My advice to anyone who uses the same email and password as their Apple ID, on other sites, don't. If you do, then change it now.

Until the server in question is identified, then don't use identical email addresses and passwords on any services

Apple can't help you if people use the same email and password across multiple web services, where your details can be hacked and used, which is what seems to have happened in these instances. Apple provide all the levels of security needed to protect a device. If people are too lazy to use them, who is at fault, really?

If you ignore the "set up secondary security details" Apple insist you do, you can't blame them for what happens if you don't. Like a seatbelt. If you don't use it and you crash, the consequences are hardly the car manufacturers fault if you're badly injured.

Well as a matter of fact I knew something like this might happen! One annoyomous hacker tried to contact Apple about iCloud hacking but Appe did not pay attaention. I tweeted about it on 24th May https://twitter.com/ahitagni/status/469916095928086529

Hi all, thanks for this thread, I had no idea what was going on when this first happened - I was using the phone at the time and it just locked on me and came up with that message.  Luckily I had a passcode, so I changed all my passwords via computer and then restored my phone from iCloud backup.

I'm the person quoted in this article: http://www.news.com.au/technology/online/hackers-hold-apple-users-iphones-ipads- and-ipods-ransom-through-oleg-pliss-scam/story-fnjwnj25-1226933413412

My poss common denominators: I use gmail, Optus wifi modem with default (but really long) password - I tried changing it in the beginning and it didn't work so I just left it, and I use Netflix & Hulu Plus via unblock-us - I thought it was interesting someone mentioned that.  Although other Netflix users I know didn't have their devices hacked.

I was hacked. No netflix, use Telstra, use a work email address, have no wi-fi at home where the alert was received and phone block was somehow activated. Phone was purchased new from Telstra.

Did you have the same password for any two or more accounts?

cheers

Dave

no issue here, but I think it's important, AGAIN, to mention that for those who have two step authentication enabled for their Apple ID, the two steps procedure is not enabled to access icloud.com At first view it makes sense, how would you be able to locate your device if you don't have the two steps code that only the device itself generates (that is, unless you have another iDevice), but hey, there's a recovery key that the owner can use, so where's the problem? And keep in mind that accessing icloud.com with no secondary code required allows hackers to access "find my iphone" without it !!! Not mentioning emails and the rest.

SO AGAIN, Apple! please do enable two factor authentication on ALL Apple websites, icloud.com and the others too. Thanks.

If you use the same email and password for your Apple ID, on other sites, this is where the hacker has most likely gained your iCloud login details. If this is the case, change your Apple ID now, and can you list the other services that you did use. If we can pinpoint the servers that have been hacked, we can stop this QDP.

Andrew J wrote:

 

It looks highly likely this is an email harvesting scam. Someone has hacked into an unsecured server, somewhere in Australia, copied email and password details, and just tried logging in to their iCloud service, and gotten lucky.

 

My advice to anyone who uses the same email and password as their Apple ID, on other sites, don't. If you do, then change it now.

 

Until the server in question is identified, then don't use identical email addresses and passwords on any services

It doesn't look like it.

A friend of mine was hacked and she is tech savvy enough not to fall for a scam and would remember if she had clicked any official emails. Also she claims to have had a very strong and unique password.

Our best guess is either she had a keylogger (but we searched and could not find a keylogger, unless it's very well hidden) or else there might have been some hack internally at Apple.

I'm thinking the latter is the case, perhaps there is a vulnerability where if you know the serial number of the device or something you can trigger Find my iPhone without knowing the iCloud username/password. This would explain why all of the phones are in the same region/country.

Have you used the same email and password you use for your Apple ID, on any other servcies? If so, please list it here, so these servers can be identified.

You misunderstand what I meant. A hacker has obviously hacked into a server that contains user emails and passwords. If these people use the same email and password for their iCloud account, this is where the hacker has gained access. I never mention phishing scams at all. Lets try and be specific here so we can get to the root of the problem. Thanks.

abhibeckert wrote:

 

Andrew J wrote:

 

It looks highly likely this is an email harvesting scam. Someone has hacked into an unsecured server, somewhere in Australia, copied email and password details, and just tried logging in to their iCloud service, and gotten lucky.

 

My advice to anyone who uses the same email and password as their Apple ID, on other sites, don't. If you do, then change it now.

 

Until the server in question is identified, then don't use identical email addresses and passwords on any services

 

It doesn't look like it.

 

A friend of mine was hacked and she is tech savvy enough not to fall for a scam and would remember if she had clicked any official emails. Also she claims to have had a very strong and unique password.

 

Our best guess is either she had a keylogger (but we searched and could not find a keylogger, unless it's very well hidden) or else there might have been some hack internally at Apple.

 

I'm thinking the latter is the case, perhaps there is a vulnerability where if you know the serial number of the device or something you can trigger Find my iPhone without knowing the iCloud username/password. This would explain why all of the phones are in the same region/country.

My iCloud password was unique - but very old. Email password I had used for a few different things, I had about 6 different passwords (probably considered moderately strong) that I used altogether, with more important things (banking, paypal etc) each unique. I'd say my email password was the most vulnerable having used it either currently or previously for other things such as social media.