iPhone Locked by Hacker Using Find my Device Feature
The message which Apple iPhone and iPad users in Australia were faced with after Russian hackers remotely locked their devices and demanded a ransom to unlock it.

Two people alleged to be behind a major cybercrime campaign against iPhone and iPad owners in Australia have been arrested in Russia.

The Russian Ministry of Internal Affairs announced on Tuesday that it had detained two people in the Southern Administrative District of Moscow for their part in a scam which saw users locked out of their Apple devices and asked to pay a ransom in order to unlock the devices again.

The statement said the two people confessed to being behind the scheme, and are expected to be charged with unauthorised access to computer information under Article 272 of the Criminal Code.

No details about the hackers have been released beyond one being born in 1991 and one born in 1998 - and that one of them has been tried in the past.

Who is Oleg Pliss?

The incident came to light last month when numerous Apple customers in Australia reported finding themselves locked out of their iPhone, iPad or Mac computers and a message demanding a $100 (£60) ransom be paid to a hacker only known as Oleg Pliss.

While the Russian authorities have not explicitly linked the arrests to the Oleg Pliss incident, they did say they were related to the "remote blocking of mobile and stationary [Apple] devices" and the sending of messages demanding money to unlock the devices with threats to delete your data.

While it was initially suspected that the problem was as a result of a breach of Apple's iCloud system, this was categorically denied by Apple and the Russian authorities confirmed this, saying the hackers accessed victims' accounts by hacking users' email accounts, using elaborate phishing pages in order to find out Apple ID credentials.

Once the hackers had access to the victims' Apple account, they used the Find my Device feature to remotely lock the iPhones, iPads and Macs associated with that account.

It is unclear how many users were affected and how many paid the ransom in order to unlock their devices.