Here's How to Overcome Newly Discovered iPhone Ransomware

Just a couple steps will save you $50.

There’s an odd iOS ransomware that could target your iPhones and iPads. But luckily, it is easy to overcome.

It’s possible an iPhone or iPad owner could see a different lock screen on his or her iOS-based device when turning it on, revealing an account has been hacked. Rather than the standard swipe-to-unlock slider, the user would see an alert similar to “This device is locked. Unlock 50$.” It’s followed by a “helpappledevice” email address.

While overcoming the threat is as simple as the device’s passcode and changing an iCloud password, some users could fall for the trick and end up sending $50 to the email address via digital-payment services, thinking that would be the only way to regain access to their handset or tablet.

The ransom, which was originally discussed by Dutch Apple-tracking site Apple Tips and previously reported on by Apple blog 9to5Mac, appears to start with iCloud. Malicious hackers hack a user’s iCloud account, change the password, and immediately lock a person’s devices via the Find My iPhone phone-lock feature. That feature also allows users to input a message. So the hackers use the aforementioned text to scare people into thinking that they need to pay $50 to get access to their device and its data.

The fear is real. Ransomware has become an increasingly concerning phenomenon in the security community. In traditional cases, users will click on malicious links or websites, only to find that they’ve given a hacker administrative access to their device. The hacker then threatens to delete the user’s data if he or she doesn’t pay up. Payment is often made via PayPal or through Bitcoin, a cryptocurrency, so the hacker cannot be identified.

The issue has become so troublesome that the FBI has issued a warning against ransomware. Earlier this year, a hospital paid about $17,000 in Bitcoin to regain access to its systems after a hacker locked them down. In June, a university paid approximately $16,000 to kick hackers out of its own systems that had been ransomed.

The iOS ransomware attempt is notably different. For one, the hackers have found their way to iPhones through iCloud.com and not via the devices. Although the hackers technically could wipe an iPhone clean if the owner didn’t pay up, their threats are easily overcome by simply unlocking the device with a passcode, indicating to the iPhone itself that its true owner has found the device. Changing the iCloud.com password would also kick the hackers out of the account and block access to the device.

Still, iPhone and iPad users should keep an eye out for the trick and if it pops up, know immediately that their iCloud.com accounts have been compromised and steps need to be taken to address the issue. Apple has a handy “security and your Apple ID” page that also helps users do a better job of securing their accounts.

 

By Don Reisinger for Fortune.com