Story image

Questions remain as Apple’s ANZ users come under attack

31 May 2014

"It's not exactly clear what has happened here,” admits David Harley, Senior Research Fellow, ESET.

“Or why the only people affected so far are Australians and New Zealanders.”

Based upon what is known of Apple IDs being compromised across the region, Harley believes it is extremely unlikely that Apple itself has been hacked or suffered a vulnerability.

"A far more likely scenario would be that ANZ consumers have been targeted by exploiting password reuse - where malicious hackers obtain password and ID credentials in some type of data breach or phishing attack and then reuse them to gain access to other accounts,” he adds.

"Regardless of the root cause, the most important preventative measure is to enable Apple's 2-factor authentication for Apple ID credentials.

“As far as I can ascertain, no-one in Australia or New Zealand who's activated 2-factor authentication has received the ransom demand alert.”

Essentially, this allows users to authenticate using a password, a 4-digit PIN (verification code) texted to a trusted device at each login, and also generates a 14-digit recovery for emergency.

“This might also be a good time to change your AppleID password and ensure that you're not re-using a password that might have been compromised from another service,” Harley warns.

“Apple Australia has also suggested contacting AppleCare or visiting an Apple Store if necessary, and claims that an iCloud breach is not responsible.

"At ESET we are yet to come across an instance where someone has paid the ransom demand, but there's no reason to assume that the criminal would actually restore the victim's access to the affected device(s).

“So I guess it begs the question - even if you pay, will the hacker give you back your digital assets stored on the device?

"For people who have been affected, you could try to erase the device and its password using recovery mode.”

For more details on how to do this visit http://support.apple.com/kb/ht1212

SingularityNET CEO discusses the future of AI
"In my view, AI will eliminate essentially all need for humans to do practical work."
Amazon puts a 'Ring' on smart home surveillance
Ring’s slick products and marketing have certainly helped it to become synonymous with security systems like video doorbells, security cameras, floodlights, and smart home security automation.
Hands-on review: Playing music with Sphero’s Specdrums
Sphero has released this year a new device calling it the ‘Specdrums’. Sphero as a company wanted to branch outside of making Star Wars droids and this gadget is what the company came up with. 
Google Assistant's clever ways to help smart homes go green
Pairing ENERGY STAR-certified smart bulbs with Google Assistant can help you control the lights with just your voice, or set lighting schedules to use electricity only when you need it.
Breakthrough research to revolutionise internet communication
Every email, cell phone call and website visit is encoded into data and sent around the world by laser light.
The world loves smart speakers - and China leads the way
People across the world love their smart speakers – and we have AI assistants like Amazon Alexa to thank for the revolution.
Hands-on review: The Fitbit Versa Lite
At first glance, the Versa and the Versa Lite look exactly the same. For someone who is not a Versa user, the two can be easily mistaken.
Farmers looking for data to help change bad habits
It is no secret that agriculture is a massive cause of environmental issues in NZ. Farmers say they are willing to change, if they get the right data.