It appear hackers have ben able to attack Apple’s iCloud domain following reports of iPhone owners saying their phones were hijacked… and the message from the Australian Government on its Stay Smart Online website is change your iCloud ID and password.
The iPhone users reported that their phones had been remotely locked and they had received a message demanding a PayPal payment to unlock them. Standard ransom ware procedure.
AVG says it appears that some Apple ID’s or passwords were identified, presumably because the users didn’t have different passwords for each account – something we are all advised to do. (don’t use the same password for multiple apps, accounts, etc.) So, the hackers presumably discovered user name and password information belonging to another account and then tried it on the iCloud service… and when the two matched up they were able to remotely turn on security features in the iPhones. Seems they could activate the Find My Phone function, mark the phone as stolen, lock it remotely and then publish the ransom note.