Some Apple iPhone, iPad and Mac devices in Australia have hijacked by a hacker, locking the devices and demanding a ransom be paid to unlock them. Users have reported a message appearing via the Find My iPhone app with instructions to send $50 or $100 to a PayPal account for the phone to be unlocked.
Users first reported the hijacking and locking of their devices in Australia but it seems to have now spread over to the United States. Users experiencing the issue have reported a message appearing on their devices saying “Device hack by Oleg Pliss…”.
It is most likely the exploit has been either due to a vulnerability in the Find My iPhone app or through compromised iCloud accounts, though the exact cause is yet to be confirmed. There has been speculation that this could be related to the recent compromise of eBay’s database with the hackers using credentials stolen from eBay to compromise other websites & services. We recommend changing your iCloud password asap to be safe.
If your Apple device has been taken hostage by this hacker, you simply need perform a factory restore of your iOS device. Steps to do this can be found here. PayPal has also confirmed that they will refund any money transferred to the hacker’s PayPal account.