Okay, so it was my husband’s iPhone. Still.
When he got home from work, he grabbed his phone to check the weather and it appeared to be in lock mode. There was a message on the screen in faux Russian instructing him to email firstname.lastname@example.org.
Obviously, he didn’t do that. It was apparent from the get-go that it was one of those ransom scams. Instead, we hopped online to find out how to fix his phone and recover his data. Here’s what we found:
Step 1: Turn off Find My Phone:
Head over to iCloud and proceed as you would if you had forgotten your Apple ID password. The hackers activated Find My Phone through your iCloud account and changed your Apple ID password in the process. Once logged in, you can turn off Find My Phone from your account.
Step 2: Back Up Your Phone:
Now that your phone has been “found”, you still won’t be able to get in because there will be a passcode on the lock screen. While they can somehow install one of these remotely, you can’t get rid of it remotely. Connect your phone to your computer and back up your data.
Step 3: Clear Your Phone:
Once your phone is backed up, it’s time to clear it. Clearing your phone and restoring to factory settings gets rid of any passcodes stored in the device.
Step 4: Restore Your Phone:
Restore your phone using the backup on your computer. Don’t worry – it won’t restore your passcode!
Step 5: Activate 2-Step Verification:
Head back to iCloud and activate your 2-Step Verification. This basically makes it impossible for hackers to change your Apple ID without having your phone or one of your other trusted devices with them.
It looks like a lot of steps, but in reality it only took maybe an hour and a half to fix and we didn’t have to pay a ransom. Hopefully this helps someone else with a hacked iPhone.