Questions remain as Apple’s ANZ users come under attack

“It’s not exactly clear what has happened here,” admits David Harley, Senior Research Fellow, ESET.

“Or why the only people affected so far are Australians and New Zealanders.”

Based upon what is known of Apple IDs being compromised across the region, Harley believes it is extremely unlikely that Apple itself has been hacked or suffered a vulnerability.

“A far more likely scenario would be that ANZ consumers have been targeted by exploiting password reuse – where malicious hackers obtain password and ID credentials in some type of data breach or phishing attack and then reuse them to gain access to other accounts,” he adds.

“Regardless of the root cause, the most important preventative measure is to enable Apple’s 2-factor authentication for Apple ID credentials.

“As far as I can ascertain, no-one in Australia or New Zealand who’s activated 2-factor authentication has received the ransom demand alert.”

Essentially, this allows users to authenticate using a password plus a 4-digit PIN (verification code) texted to a trusted device at each login, and it also generates a 14-digit recovery key for emergencies.

“This might also be a good time to change your Apple ID password and ensure that you’re not re-using a password that might have been compromised from another service,” Harley warns.

“Apple Australia has also suggested contacting AppleCare or visiting an Apple Store if necessary, and claims that an iCloud breach is not responsible.

“At ESET we are yet to come across an instance where someone has paid the ransom demand, but there’s no reason to assume that the criminal would actually restore the victim’s access to the affected device(s).

“So I guess it begs the question – even if you pay, will the hacker give you back your digital assets stored on the device?

“For people who have been affected, you could try to erase the device and its password using recovery mode.”

For more details on how to do this, visit http://support.apple.com/kb/ht1212
