Russian authorities have arrested two people in Moscow on suspicion of using Apple’s Find My iPhone service to hold iPhones and other Apple devices for a $100/€100 ransom.
When police raided the apartments of the two arrested, aged 16 and 23, they seized computers, SIM cards, and phones that were supposedly used in the attacks. The pair faces charges of unauthorized access to computer information under the Russian Criminal Code.
The attacks took place last month and mostly affected Australian iCloud users. The attackers gained access to iCloud accounts by using reused passwords and then locked down Mac and iOS devices using Find My iPhone. Once the devices were locked down, the hackers displayed a message on the affected iOS devices requesting a $100/€100 payment in order to free the device.
There’s not a lot of information out there currently that points to specifics about the attacks, but we’ll keep an eye open for more details as they surface. Apple did go on the record, pointing out that the breaches didn’t happen on their end, or their servers, hinting that the attacks took place on a third-party vendor’s server. iCloud and its servers, despite this attack that used the service as a launching-off point, are free and clear of any malicious code according to Apple.
Update: It’s official. The two hackers who were arrested confessed to law enforcement officials:
Russian authorities say two people from Moscow have confessed to a “ransomware” attack on a number of Apple device owners, mainly in Australia, during May…
The two perpetrators – who were not named, but who were said to have been born in 1991 and 1998, which would make them about 23 and 16 – also confessed to another scheme, where they would connect a new device to a hijacked iCloud account, and then use it to acquire large amounts of media such as music and shows – which they then advertised for sale online.