Q: My devices have been hacked. What do I do?

Yes...

Then why isn't it okay for someone to access your iPhone?

Sorry - I didn't realise I was communicating with someone who is intellectually challenged. The two issues have nothing in common. One is well discussed and politically challenged corporate malfeasance involving Amazon, Microsoft, Apple, etc., who are overcharging one specific country,  where the parties involved have been summoned and asked to explain by the Australian Government, the other a criminal act.

You seem to be confusing copyright issues (what is available in what country from what copyright owner) with the price of products actually available in that country.

Since you are such a genius Chris, explain why a song costs twice the price in Australia when it is a global coppyright?

No, I am seldom confused. It has NOTHING to with copyright, it has only to do with price gouging. Even Australian produced products, if purchased through Amazon/Apple etc., are charged at a much higher rate than when sold in the US. If you have no knowledge on a subject, perhaps it would behove you to avoid commenting on it.

This thread isn't about your criminal behaviour. It's about helping people get their devices back and determine what needs to happen so it doesn't happen again in the future.

Thanks Tlix - we need to get back on track ....

How can I get my ipad back without doing a restore!!! Grrrr

My take on this:

This has been a 2 stage process.

1.

The harvesting phase. Someone in Autralia has managed to manipulate the BGP routing table. A peer injecting a 17.x.x.x route more specific than Apple's own routes. By doing so inpersonating one of Apple auth servers, maybe based on the same hack as the one capable of impersonating Apple's activation process. Somehow I would not be surprised to see some of Apple's private keys out in the wild too. DNS poisoning is probably unrealistic due to widespread use og globally located dns servers.

2. The attack phase.

The least interesting part of course as to trying to find the origin. This is most likely controlled by bots.

I was hoping this tread would focus more on the harvesting phase.

marumurak wrote:

 

Since you are such a genius Chris, explain why a song costs twice the price in Australia when it is a global coppyright?

There is no such thing as "a global copyright". Copyright laws and music licensing laws and rates vary from country to country. That's why there are iTunes Stores for each country, not a single global one.

Anyway, the cost of a song in Australia is irrelevant for the topic of this thread.

Flair for stating the obvious re password strength. The password wasn't unique 'to me', it was unique from all the other passwords I use. That was the point I was responding to above...

lundkeman wrote:

 

It would not be a stretch for hackers to go from unlocking stolen devices with a hack, too locking them.

There is absolutely nothing about the Dutch unlocking hack that is applicable to this situation. That hack requires the hackers to have the devices being unlocked in their physical possession. Due to the methods used, it cannot be applied remotely, and cannot be used to remotely lock devices.

Chris CA wrote:

 

So it's okay for you to access iTunes against Apple's terms of service?

Chris, this is not helpful. It's going to be impossible to get to the bottom of this if replies like this make people become reluctant to share details, for fear of being accused of something. Let's stay focused on the problem at hand, please?

I live in the UK and I myself haven't been hacked, but I have turned off my Find My service on both my IPhone and IPod (It wasn't enabled on my macbook) as this seems to be how the hackers are getting onto people's devices. I have had a different password for all the various things I use ever since the Heartbleed bug was first reported and I changed my password after Ebay was hacked. However, with all these hacking stories flying around it almost feels like nowhere on the internet is safe and it is just a matter of time before I am a victim

I live in the UK and I myself haven't been hacked, but I have turned off my Find My service

Although I myself have recommended doing that, it's important to understand the potential problems with doing that. Turning that off decreases the chances of protecting your phone and its data in case it is stolen. If that's not something you're comfortable with, just keep your phone backed up so that if you do get hacked, you can restore the phone without incident or serious inconvenience.

it almost feels like nowhere on the internet is safe and it is just a matter of time before I am a victim

Yup. If that's what you've learned from this, that's a good thing. Keep that attitude in the front of your mind with everything you do with your electronic devices. That knowledge is the best thing for protecting you against being a victim, just as keeping a close eye on your surroundings can keep you from being mugged.