With Find My Mac, owners of an Apple machine can easily locate a lost Mac or even take control of it remotely. Hackers therefore had the idea of hijacking the feature to extort ransoms from dozens of people.
Directly integrated with iCloud, the tool was designed to let users protect their machine and the data stored on it in the event of loss or theft.
The application is full-featured and comprises several different modules.
Find My Mac has been used as ransomware by hackers
The best known is the one that locates the lost machine: it displays on a map the last place where the computer was seen. To round things off, Apple had the good idea of adding a function to this module that plays a sound, making the machine easier to find once you arrive on site.
But Find My Mac is not limited to these two functions. The suite offers two other extremely practical tools: one to lock the machine remotely and one to erase all the data stored on it.
Hackers therefore had the idea of hijacking this application to line their pockets without too much effort.
To begin with, they recovered the usernames and passwords of several iCloud accounts by digging through one of the many databases available on the dark net.
An attack that claimed many victims
Once in possession of these precious keys, the hackers used them to log into their victims' iCloud accounts, then launched Find My Mac to remotely lock each victim's Mac with a six-digit code. Finally, those responsible for the attack displayed a message on the screen of these machines inviting the owners to pay a ransom of 0.01 bitcoin in exchange for the code, an amount equivalent to about fifty dollars.
If you are affected, it is obviously better not to pay the ransom and to go straight to Apple, proving your good faith with the invoice for your machine.
Then, to avoid unpleasant surprises, it is recommended to enable two-step verification and to choose a strong password, and above all one that is different from the password for your e-mail.
– Jovan Cabrera (@bunandsomesauce) September 16, 2017