firmware password ransomware? What do they do?

If your firmware password has been compromised you will need to contact Apple to have them reset the firmware password at an Apple Store, make an appointment first.

1-800-MY-APPLE

apple.com/contact

A reinstall of the OS will not be possible, and it would not bypass this lock.

NOTE: DO NOT PAY ANYONE THE RANSOM, you will likely get nothing but robbed.

in the mean time

You may wish to change your Apple ID log/pass with a password you do not use for any other on line service. If you use your same log/pass combo with another service (e.g. Yahoo, Twitter, Facebook, etc.) and that service is "hacked" then the perpetrators have to only try typing this same combo in any other service to get into your other accounts.

Change your Apple ID password - Apple Support

https://support.apple.com/en-ca/KM205079

Also consider enabling two factor authentication if you have not done so already.

Availability of two-factor authentication for Apple ID - Apple Support

Actually no,

what you are describing is two factor authentication.

The "Firmware Password"is the Extensible Firmware Interface (EFI) password which enables or prevents tampering with the system when it's enabled. The drawback is you can lock someone not only out of the computer but out of restoring the computer to a different state. While this may seem like a flaw it's actually critical in some situations where someone could come in and sabotage a mac in a say a computer lab or in a workplace - or if your computer is stolen there is not a **** thing anyone can do with it.

Firmware password will only "ask you for a password" when you use recovery mode or changing a boot drive, it is not something that interferes or asks for authentication with OS X.

Firmware Password was introduced with Intel CPU Macs but other "lockout" variants were around at least as far back as my Powerbook

yes, that one! But unlike these older built-in password devices the Firmware password will not let you bypass with another boot device.

for more info see this article

How to set a firmware password on your Mac - Apple Support

it should be enabled.

If someone has the password to your account and they are accessing it from their own device then two factor would need to verify their attempt by sending a passcode to an authorize device.

If you didn't have it enabled then they would not be asked to provide a code so they can bypass it.

McCarthyHighland wrote:

I've read several comments that 2 factor security won't prevent this hack. Is that true?

A lot would depend on how the 2nd factor is sent to you. If you are using an iPhone and it is sent via Apple's Messages, it is NOT going to get intercepted.

If you are using another phone, then it will be send as a cell carrier SMS text message. SMS text messages can be intercepted.

If you change your Apple ID password, and make it a strong password, it is unlikely to guessed, so they will not even make it to the 2nd factor

https://xkcd.com/936

GRC's | Password Haystacks: How Well Hidden is Your Needle?

When giving answers to the Security questions Lie, Lie, Lie. Make up nonsense answers. Do not answer truthfully that you went to xyz high school, or your first car was yellow, etc... HOWEVER, make sure you record you nonsense answers with exact spelling and upper lower case. I personally use the 1Password.com password manager and have the encrypted password file shared with all my devices, so if I loose access to one, I can still access my passwords on another. There are other password managers, such as LastPass.com, or even Apple's Applications -> Utilities -> Keychain Access and then use iCloud to share your keychain with your other devices.

If you do all of these things, it is very unlikely your Apple ID will be hacked.

Hello, McCarthyHighland? You may think of my reply as Worthless, but I need practice at writing.

Just _what_ is "firmware password ransomware"? Happily, I feel Ignorant. :-)

P. S. I've used several Macs since 1985. My first Mac was a MacPlus, in 1985. I wrote this with an iMac, with System v10.13 [High Sierra] _&_ a solid-state drive. The solid-state drive makes it Fast, again. [That means no-more Spinning Hard Disk drive, too. :-) ]

McCarthyHighland wrote:

I've read several comments that 2 factor security won't prevent this hack. Is that true?

Yes, it's true. Two-Factor Authentication is not needed to put a device into Lost Mode. This is by design. If it was required and you lost your phone while traveling, you wouldn't be able to put it into lost mode using a non-trusted computer.

Don't enable Find-My-iPhone or Find-My-Mac on a device that doesn't have a passcode or firmware password set. Lost mode can't change a passcode or password, only set one on a device that doesn't already have one set.