Users of Apple devices tonight (10:30pm onwards 26 May) found that their iPhone, iPad, iPod had been set to lost mode with requests being made send money to unlock the device.
The message reads:
“Device hacked by Oleg Pliss. For unlock device, you need send voucher code by 100 usd/eur (Moneypack/Ukash/PaySafeCard) to email:firstname.lastname@example.org for unlock.”
It would appear that the attacker has been able to access a user’s iCloud account and using the Find My Phone app, put the device into lost mode with a new or changed passcode.
While we do not have any official comment from Apple this is the advice and information we have been able to distill from support forums and first hand experience.
Users should change their Apple ID password to a strong password and then take the device, via Find My Phone in iCloud ON A DESKTOP, out of lost mode.
If your device had a passcode prior to the attack you should then be fine to gain access once more as the the device will still honour the passcode you know.
If your device did not have a passcode, the attack sets one and the process to get control back is more long winded. You will need to connect the device to your computer using iTunes and perform a backup and restore.
Restore will basically erase the device, reload the operating system and then give you the choice of setting up as new or restoring from a backup. It will also do a sync at the end.
This is the best advice we have to date and we are awaiting formal comment from Apple.