In a forum thread that’s growing faster than grass blades in a Nat-Geo time lapse video, Apple customers seem to be confirming that the widely-reported ransomware attack under the name of Oleg Pliss has spread to the United States and the United Kingdom, in addition to Australia and New Zealand.
As we noted earlier today, the hack could well be spread worldwide, and many users could actually fall for the scam and pay up the $100/€100 without any guarantees that the crooks will unlock their Apple IDs. We even released a guide telling users how to avoid getting trapped and even restore their devices.
However, thanks to one of the posters in the thread, we might have discovered where the ransomware was born: a phishing email.
Phishing is a common practice used by cybercriminals to steal user names and passwords, and the Apple community has had its fair dose of such attacks for the past few years. Suffice to say iOS is on its way to becoming what Windows has been for the hacking community for the past decade: a sea of opportunities.
Earlier this month, an email purporting to be from Apple was sent to various iOS/OS X users with the following message:
This was pointed out by a user who managed to avoid getting hit by the hack, but others may not be so fortunate. If you know you’ve answered to this email as instructed, change your Apple ID password ASAP.
The hackers could have more than one method of obtaining passwords, so keep your eyes peeled for any scams that prompt you to enter your Apple credentials without a solid reason.