Over the last few days, several Mac users are complaining about being hit by a ransomware attack and have been locked out of their computers. Their Mac devices have been locked with a lock screen message asking them to pay a certain amount of money in Bitcoin for the code to unlock.
As per MacRumors, who first reported the issue, hackers have started locking Mac or iPhone remotely using iCloud’s “Find My iPhone” feature and demanding ransom for giving the new password.
“With access to an iCloud user’s username and password, Find My iPhone on iCloud.com can be used to “lock” a Mac with a passcode even with two-factor authentication turned on, and that’s what’s going on here,” MacRumors noted.
How did this happen? Well, phishing scams, fake virus alerts, using weak passwords for your accounts, the habit of password reuse or recent data breach are the reason. Several number of people’s usernames and passwords have been exposed in recent attacks and hackers were able to gain access to them. Users who use same email/password combination for iCloud are an easy target. These hackers have obtained access to a bunch of iCloud usernames and passwords, and are using them to remotely lock people’s computers.
— dickyutomong (@dickyutomong) August 11, 2017
What to do now? How to protect yourself?
If this happens to you, the only way to get back control of your Mac is to perform a hard reset (which would mean losing all the data) or pay the hackers.
Otherwise, you’ll have to bring your computer into an Apple Store and verify your identity to regain access to it.
If you haven’t been hacked yet, the best thing you can do is the password change. GO and change your Apple ID password. Generate a secure, unique password that’s difficult to hack or guess – that you do not use on any of your other accounts. Also, don’t forget to enable two-factor authentication if it’s not already active on your account.
Disable the ‘Find My iPhone’ feature by going into Settings. On your Mac, you can disable ‘Find My Mac’ from the iCloud panel in System Preferences.
Stop reusing email/password combination to avoid any issue. Your accounts can be misused in several ways and your identity can be hijacked.
Robust security architecture is one of the key benefits of using an Apple device. Unfortunately, cybercriminals have come up with a workaround for these defenses, turning a useful feature provided by Apple against end users.