Nonexistent Guy Holds Australian iDevices For Virtual Ransom

In case you don’t already have a passcode set on your mobile phone and two-factor authentication activated on your most vital accounts, here’s a cautionary tale that shows why you might want to. iPhone and iPad users in Australia woke up early in the morning to a “Find My iPhone” alert that demanded $100 to regain access to their devices.

What’s mystifying about this situation is that, according to a PayPal spokesperson, the payment service doesn’t even have an account that uses the e-mail address listed.

The problem has a few easy solutions that do not involve sending money to anyone, even if they are imaginary. The phones and tablets themselves weren’t hacked; but someone had obtained remote access to devices through the Find My iPhone service. You can use that to remotely erase others’ computers or phones if you’re into mischief, as long as you have access to their accounts.

Find My iPhone lets you set a special message on your phone for anyone who finds it, lock the phone remotely, or make it emit a very loud noise. Which of these options work best for you will depend on where you left your device. That’s how the “ransom” notes were left on the phones of people all over Australia. All users had to do was unlock the phone with their existing passcode or plug it into a computer to regain control.

Australian Apple iDevices hijacked, held to ransom [Sydney Morning Herald]