The Hacker Behind Apple Malware Ransom Arrested in Russia

A cyber campaign that was targeting iPhone and iPad owners with a sophisticated Ransomware in Australia and New Zealand last month, drawn special attention of online media and security analysts.

Russian Authorities have arrested two young hackers from Moscow for their alleged involvement in compromising Apple ID accounts and then using ‘Apple's Find My iPhone’ service to hold iOS devices for ransom.

A Russian man aged 23 and a teenager aged 17 had been taken into custody in the Southern Administrative District of Moscow for their part in “blocking of Apple devices to extort funds,” claims the press release on the Russian Interior Ministry’s website on Tuesday.

According to the authorities, one of the suspects used phishing websites to trick victims into giving up their Apple ID username and password. The second suspect’s activities are exactly same of the ‘Oleg Pliss attack’.

“The first involved gaining access to the victim’s Apple ID by means of the creation of phishing pages, (gaining) unauthorized access to email or using methods of social engineering,” it said. “The second scheme was aimed at attacking other people’s devices to a prearranged account, and to that end at various Internet resources to create ads for lease Apple ID, containing a large amount of media content.”

Last month, a number of iPhone and iPad users from Australia and other countries reported that their devices were locked with a message that states "Device hacked by Oleg Pliss," demanding US$100 or euros to restore user control of the device.

It was first assumed that Apple’s cloud storage service, iCloud had been compromised in the Oleg Pliss attack, because the hackers were able to send out notifications via the Find My iPhone feature, while Apple denied that their cloud storage service was not compromised and that the affected users' login details must have been compromised elsewhere.

However researchers said, victims can still recover their devices by resetting their devices in "recovery mode" followed by a restore from a backup by connecting to iTunes, but in process they would lose apps and data stored on the device.

The Russian Ministry said the two suspects were Moscow residents. After searching their apartments police apparently found computer hardware, SIM cards, phones used in “illegal activities”, as well as material on how to hack systems.

One of the suspects also had been convicted of a crime earlier, but in a lower-tech form of extortion such as stealing license plates from neighbors’ cars and selling them back to their owners.

The suspects are expected to be charged with unauthorised access to computer information under Article 272 of the Criminal Code.

(source)