/ REVIEWS

Hackers Lock Users’ MacBooks Through iCloud

Popular articles

04 / 10 / 2017

Hackers Lock Users’ MacBooks Through iCloud

Some Twitter users have recently reported major security hazards. Users find their MacBooks locked and then receive ransom demands to unlock them. This issue has touched even those using the two-factor authentication.

What happened

Hackers can steal someone’s iCloud credentials and lock a MacBook using the Find My Device feature. They then demand a Bitcoin ransom. However, this doesn’t mean that iCloud isn’t secure or that the two-factor authentication is vulnerable. The MacBook hack has mostly affected those who use the same username and password combination for all websites.

How did this happen

Hackers received the private data either from leaks or through phishing emails. These username and password combinations are used to log into the users’ iCloud, so those who aren’t using unique credentials for each account are more likely to be hacked this way. Unbelievably, cybercriminals can easily bypass the two-factor authentication: they simply remotely lock a MacBook as if it was stolen.

What to do if you became a victim

If your MacBook is already locked, take it to the Apple Store to check if you can resume access to your iCloud and unlock your computer. If this is not possible, you have two ways out. The first is pretty obvious – to pay the hackers and hope they’ll send you the unlock passcode. Or you can restore your machine to factory settings and wipe all its data. The first option is highly discouraged; avoid doing the hackers’ bidding.

How to prevent hacking

To avoid being a ransomware victim, follow simple recommendations:

  • Never open suspicious emails or follow any links in them. Always carefully check the sender field.

  • Use a different password for each account you create. This will minimize the effectiveness of brute force attacks, or simply guessing your credentials when one of the passwords is compromised.

  • Use strong passwords, containing at least 8 characters, including a mix of lower case and upper case letters, numbers, and symbols (#, $, %, etc. if available to use).

  • Strong passwords are usually not easy to remember — use a password manager to help you recall them automatically.

Check out our Security Watch to learn more about security hacks and recommendations.