How to Avoid “Oleg Pliss” Ransomware Attack, Regain Control of Your iPhone/Apple ID

Customers in Australia are seeing their phones held hostage by “Oleg Pliss”

May 27th, 2014 11:30 GMT

So far, “Oleg Pliss” ransomware reports have only been recorded in Australia, but there’s no telling what these hackers are up to. For all you know, your iPhone could be next. To avoid having cybercrooks hold your Apple ID hostage, here are a few best practices, as well as a few ways to regain control of a locked device.

Reports are breaking out that a hacker going by the name of Oleg Pliss has begun taking iDevices and Macs hostage through a ransomware scheme that locks said devices and displays an alert stating “Device hacked by Oleg Pliss.” To have it unlocked, the user is told to send $100/€100 to an anonymous PayPal account.

Oleg Pliss undoubtedly is a fake name used by the hacker. A real Oleg Pliss works at Oracle as a software engineer, while another is listed on LinkedIn as a banking professional in Ukraine. Neither would be so dumb as to expose themselves like that, even if they were behind the scheme.

So far, only a few Australian users have been targeted. Affected locations include Queensland, NSW, Western Australia, South Australia, and Victoria. But there’s no telling what the hackers behind this ransomware will do next. They could be spreading their attacks across the US, Europe, and/or Asia as you are reading these lines.

First off, here’s how you can prevent falling into the trap.

1. Set a passcode lock immediately. This way, any hacker who obtains your Apple ID credentials will also have to bypass the lock to hold your iDevice hostage. Even if the ransomware is displayed, users with passcode locks can still use their phones after the attack.

2. Consider changing your password and/or using two-factor authentication. Apple explains it all in KB article ht5570. Needless to point out, if you’ve been hit by the ransomware, changing the password is a must.

Now for those of you who might be affected. Here’s how to regain control of your device.

Step 1

Whatever you do, don’t pay the hackers a dime. It’s your device and you have every right to regain control of it. It’s not your fault your password got stolen.

Step 2

Contact Apple. It may sound like an ordeal, but what would you prefer: paying $100/€100 upfront not knowing if the hackers will give you back your freedom, or having to chit chat with Apple Support on the phone? You can ring them up here.

Step 3

In case Apple can’t help you right now and/or the hackers have set a passcode on your device, instructions on how to bypass the lock can be found on Apple’s support site, KB article ht1212.

Step 4

Once you regain control of your device, it may be only for a brief period of time. This is your window of opportunity to change your Apple ID password and leave the ransomware guys in the cold. Changing/resetting your password can be done at appleid.apple.com.

Step 5

Once you’ve done all this, it’s highly recommended that you switch on two-step verification, so nothing like this ever happens again. According to Apple, “If you have two-step verification turned on, you'll be asked to send a verification code to the trusted device associated with your Apple ID.”
