“We’re seeing reports of online ne’er-do-wells taking advantage of a long-existing system-locking tool in iCloud’s Find My Mac feature, which isn’t locked behind two-factor authentication, to lock up Macs remotely and hold them for ransom,” Casey reports. “These attacks aren’t due to a mistake, or a change in how Apple implements two-factor authentication (2FA). The company intentionally makes its Find My iOS and macOS device services — which can place a lock-code on a machine — accessible once you’ve entered your iCloud password. The reasoning is because you might have lost access to your trusted device as a result of the theft (your iPhone, for example, could be stolen from you in public).”
“We’ve argued in the past that Apple needs to find some way to implement 2FA for this service, but to no avail,” Casey reports. “Such remote takeovers have plagued iPhone users for years. But now that Apple has extended the same ‘Find My Device’ service to Macs, online criminals are using the same technique to hijack laptops and desktop computers.”
Read more in the full article here.
MacDailyNews Take: Use unique passwords. If you haven’t already done so, enable two-factor authentication.
You can also turn off Find My Mac via System Preferences > Internet Accounts > iCloud > Find My Mac.
If you’re affected, contact Apple Support.