787      iPhone_iPad_Mac_apple

Mac ransomware 2017

This is what is happening to me right now, Apple community must be already aware of this, but right now I would really need a quick help since I don't want to delete all my data into the laptop, also because I have important data inside and since at the Apple Care told that this can be fixed in less than 5 min (but since it's everything full for all the next week), I would really love that someone would help me to fix it.

I have already reset my icloud login, and I have looking on the while for all day to see if is there any way kick this out.

Any advice?

This is what's happening:

The workflow of this type of attack presupposes that someone performs unauthorized sign-in to a Mac user’s personal account at iCloud.com. This process can only be successful if the intruder has the would-be victim’s Apple ID and password. There are different theories on ways that the perpetrators obtain these sensitive credentials. The most likely method is through breaches of certain online services. Here’s a plausible scenario: an Apple customer uses the same email address and password to log into their iCloud account and multiple other accounts. If hackers breach servers of some third-party provider and steal numerous users’ PID (personally identifiable data), they may try their luck and use these credentials to access the compromised users’ iCloud profiles.

Once an attacker has furtively logged in, they proceed to the above-mentioned Find My iPhone app and enable the remote device lock. A serious caveat in this context is that locking down a Mac, iPhone or iPad this way can be completed even if two-factor authentication is toggled on. That’s due to the specificity of this emergency feature. The trespasser will also type some custom text to be displayed on the victim’s screen. Some examples are, “Pay me 0.01 BTC ($50) to this address: [hacker’s Bitcoin address], then I will send code to ur email to unlock ur device,” or “Your computer is disabled, write to email: apple.help@post.com.”

If a hacked user chooses to go the route imposed by the perpetrators and sends an email to the indicated address, they will receive an auto-reply with unlock instructions. Again, the wording varies, but it mostly goes, “Hello. Your device is locked. To activate the device, pay $50 to the Bitcoin address: [hacker’s BTC address]. After payment inform us and we will send your access code. Time for payment is 24 hours. If we do not receive payment from you within 24 hours, your device will be blocked.”

This extortion methodology is, by far, the most widespread ransom scam encountered by Apple users nowadays. However, a more sophisticated technique is gearing up for a rise as well. It is reminiscent of commonplace Windows ransomware attacks and revolves around a RaaS (Ransomware-as-a-Service) called MacRansom. This malicious framework is being promoted via Dark Web forums. To try their hand at Mac extortion, wannabe criminals need to contact the proprietors of this RaaS via ProtonMail, a well-known encrypted email provider. The creators will quite likely respond with a sample of the crypto ransomware.

最後更新：2017-10-15 22:00:28

  上一篇： How do I download photos to a hard drive?

  下一篇： How can i stop iCloud drive on macOS El Capitan...