468 Replies. Latest reply: May 6, 2015 7:43 PM by thomas_r.
  • Dark_Scribe Level 1 (0 points)

    This isn't quite as straightforward as you suggest. Apple takes three days to change to two factor security and they email the owner at their normal email address to check that this is a legitimate request. They ask if you initiated the change and tell you to immediately change your password if you didn't.

  • Dark_Scribe Level 1 (0 points)

    I was hacked. It said paysafecard - I was surprised when the media mentioned PayPal, because it wasn't PayPal.

    My wife's phone was hacked two days ago and it had PayPal on her message. I emailed PayPal with a copy of her screen and asked what was going on. They replied yesterday saying that the email address given was not associated with any of their accounts. Her phone unlocked with her normal password, which also worked for iCloud, and we, on the advice of the Apple Store, changed her password and added the two factor security option to all our phones. It still isn't in effect yet, it takes several days. Maybe there is more than one person doing this and they phrase their demands differently.

  • Dark_Scribe Level 1 (0 points)

    It is on talkback radio right now, some callers are saying that they got one message, other callers are saying their message was different. Some mentioned Euros, some only dollars. Probably targeting different demographic areas. One caller said that the day before his kid downloaded an app that required him to log into iCloud through it. I couldn't get the name of the app - truck went past. I don't think I'd trust an app that needed iCloud access no matter what it did.

  • deskokat Level 1 (0 points)

    First hand evidence trumps newspapers - and I'm more inclined to believe your eyes that PayPal was cited than newspaper reports. You probably didn't need to patronise someone by asking them if they know what a newspaper is though - you're clearly punchy. And yes, I'm aware that there may have been different wording. Calm down.

  • Toasted111 Level 1 (5 points)

    Dark_Scribe wrote:

     

    This isn't quite as straightforward as you suggest. Apple takes three days to change to two factor security and they email the owner at their normal email address to check that this is a legitimate request. They ask if you initiated the change and tell you to immediately change your password if you didn't.

     

    I am not convinced that the iCloud system is all that it's touted to be.

     

    I have attempted to establish two factor authentication on my account a couple of days ago. While the account says that I will be able to complete the process this afternoon (three days delay), I have not received any email from Apple to check that this is a legitimate request... (and my email systems are working fine)... so much for that security check.

     

    I think it's a shame that Apple simply announce "iCloud was not compromised" and leave its customers to flounder around on their own trying to figure out how this happened.

  • Tigerlily75 Level 1 (0 points)

    I think it's established that different messages were sent. I was hacked and mine did not say PayPal, it listed the paysafe cash card or whatever it was as previously mentioned, it also asked for "$100 usd/eurs" whereas others reported it being $50.

  • lotsasmiles Level 1 (0 points)

    OK - I am not as 'tech savvy' as most on this board, so excuse me if I sound basic.

     

    I cannot understand this ....

     

    Why can't Apple issue a 'fix' - they must have some way of getting around their own security systems. My iPad is locked by a number I do not know - there is a message on there 'saying' that I have been hacked. Why can't I put in an over-ride code? (and for all you who say Apple won't do that as the device may be stolen - my iPad has a serial number ... iTunes identifies my iPad when I log in .... iTunes identifies my identity with my Apple ID - it is MY iPad - **** even Amazon knows which of my 2 iPads I want to send books to)

    Is this waaay too simple?

    Even if I have to take my device to an Apple store, why can't they back it up from their own systems even if it is locked? It is one of their own devices. Back it up - check my name, DOB, photo ID and iTunes password then restore it and reload with all my information intact. Simple? You bet - so how come it isn't happening?

     

    Very very frustrating.  Maybe someone out there can enlighten me?  Just don't use big words - I can get very confused

  • iwantgizmos Level 1 (30 points)

    "Well, if you can read a newspaper, real or online.... You do know what a newspaper is?"

     

    lol. huffy kinda. oh well. maybe should have put smiley faces in my previous response. didn't mean to attack you. but just observed a difference with articles and pictures seen by me. oh well, you are more closer to the situation. was kindly hoping for links in return for articles with paypal in the screenshots, but me guess me have to look up the definition of newspaper and try to figure out the wisdom you have bestowed upon me. thanks. :-) :-) :-)

  • 007Aston Level 1 (0 points)

    It's not really the process the hackers used to unlock the devices that is interesting, but more the fact that iCloud was compromised by the hackers, and apparently Apple didn't admit publicly that the system was compromised.

    Now, Apple have said that the iCloud was not compromised in this instance. Really?

    It seems to me that iCloud was compromised, how in the heck could they allow a bot to access many user accounts, in a short period of time, and put heaps of devices in lost mode, along with applying a screen message?

    This attack didn't occur over a number of days, but in a relatively short period of time, when Apple could surely expect most of their customers were asleep - not madly realising they had 'lost' all their devices, and whilst the locked screen message has varied slightly, there are common words. Isn't this unusual activity? Why was it not discovered by Apple until, possibly 6-8 hours later when we all woke up and started visiting Apple stores, and contacting support?

  • tinous98 Level 1 (40 points)

    That would be good if 2-step verification was available for everyone. It is unfortunately not available where I live. Apple treats some of us as second zone customers but the prices of our iPhones and iPads here (New Caledonia) are probably the highest in the world.

  • MajorIP4 Level 1 (20 points)

    tinous98 wrote:

     

    That would be good if 2-step verification was available for everyone. It is unfortunately not available where I live. Apple treats some of us as second zone customers but the prices of our iPhones and iPads here (New Caledonia) are probably the highest in the world.

     

    Totally agree with you.

  • pogster Level 4 (2,230 points)

    lotsasmiles wrote:

     

    OK - I am not as 'tech savvy' as most on this board, so excuse me if I sound basic.

     

    I cannot understand this ....

     

    Why can't Apple issue a 'fix' - they must have some way of getting around their own security systems. My iPad is locked by a number I do not know - there is a message on there 'saying' that I have been hacked. Why can't I put in an over-ride code? (and for all you who say Apple won't do that as the device may be stolen - my iPad has a serial number ... iTunes identifies my iPad when I log in .... iTunes identifies my identity with my Apple ID - it is MY iPad - **** even Amazon knows which of my 2 iPads I want to send books to)

    Is this waaay too simple?

    Even if I have to take my device to an Apple store, why can't they back it up from their own systems even if it is locked? It is one of their own devices. Back it up - check my name, DOB, photo ID and iTunes password then restore it and reload with all my information intact. Simple? You bet - so how come it isn't happening?

     

    Very very frustrating.  Maybe someone out there can enlighten me?  Just don't use big words - I can get very confused

     

    Other than speculation has there been any proof provided anywhere that iCloud was indeed compromised?

  • thomas_r. Level 7 (30,530 points)

    Other than speculation has there been any proof provided anywhere that iCloud was indeed compromised?

     

    None.

     

    It's important to understand what it means to say that iCloud was compromised. Many people don't seem to quite understand it. If iCloud were compromised, that would mean that hackers had been able to get access to iCloud as a whole somehow, and obtain access to user accounts through that illicit access. A good example is the eBay breach in which hackers obtained usernames and passwords by hacking eBay directly.

     

    There is no evidence at all of such a breach. In fact, such a breach is not logical, based on the localized nature of the attack. What has happened in this case is that individual user accounts have been breached somehow. How that has happened is unclear at this point, but it probably involves some kind of localized network compromise or something along those lines.

  • lundkeman Level 1 (0 points)

    007Aston wrote:

     

    It's not really the process the hackers used to unlock the devices that is interesting, but more the fact that iCloud was compromised by the hackers, and apparently Apple didn't admit publicly that the system was compromised.

    Now, Apple have said that the iCloud was not compromised in this instance. Really?

    It seems to me that iCloud was compromised, how in the heck could they allow a bot to access many user accounts, in a short period of time, and put heaps of devices in lost mode, along with applying a screen message?

    This attack didn't occur over a number of days, but in a relatively short period of time, when Apple could surely expect most of their customers were asleep - not madly realising they had 'lost' all their devices, and whilst the locked screen message has varied slightly, there are common words. Isn't this unusual activity? Why was it not discovered by Apple until, possibly 6-8 hours later when we all woke up and started visiting Apple stores, and contacting support?

     

    To your first point, since the unlocking uses a Man-in-the-middle attack, this does not mean that iCloud was compromised. It means they successfully created a fake Apple server, that can communicate with a device and potentially iCloud (we do not know this for sure.) Basically unlocking a device, which should only be unlocked by the original Apple ID and password, which they do not possess. Either the hack can extract this in the exchange somehow, or the password is not needed, just say the Apple ID and some generated hash or not and some specific info that find my device is expecting.

    Regarding the bot and putting heaps of users into safe mode. Once again goes along the lines of the unlock hack. If you could unlock a phone without knowing the credentials, you could surely lock a phone, establish a passcode, then send a ransom message without credentials. More likely they have hacked the find my device programs (if you turn it off, I believe the hack is stopped) and potentially iCloud. The doulCi guys claimed 5700 unlocks in 5 minutes, that's 19 devices a second. Considering router times in the sub 100 ms, this seems plausible to me. If it really is this quick, I do not know that major decryption/encryption can be done in this short period of time, but since processors operate in GHz maybe it is.

    To your last comment, if all these devices were subject to a MITM attack or some sort of injection, it could/would be a one way communication. Meaning the spoofed server sent the device their instructions, if the devices do send responses back to Apple, they would have been intercepted as well and could be dropped, thus Apple would never know anything happened at all.

    The other weird thing are reports that people have reset their devices, only to be locked again moments later. To me this implies that their reset potentially occurred through the spoofed server and more data could have been mined from people. If turning off the find my device service prevents the attack, that is good, but authorities need to ascertain whether more data was compromised from many people changing/resetting their Apple ID and passwords. These could be compromised, but not used until a later time.

    I would also be curious if the attack is against all devices or the spoofed server only does a certain percentage of the devices. Meaning let's say it infects/locks only 10% of devices, by allowing 90% of normal Apple traffic through and only truly redirecting or injecting a smaller percentage. This could represent why some devices are reset with no further effects and others are immediately locked again.

  • Toasted111 Level 1 (5 points)

     

    The other weird thing are reports that people have reset their devices, only to be locked again moments later. To me this implies that their reset potentially occurred through the spoofed server....

     

     

    So using a man in the middle attack (MITM) a user connects their iPhone to the internet, the iPhone connects to a server which pretends to be an Apple server, the iPhone (and the user) cannot tell the difference, the server locks the iPhone.

     

    The user tries to change their Apple ID password but all this data also goes to the bogus "Apple Server" and is collected.

     

    Wow. That's reassuring.
