Jump to content
Search Damien's resources; or

Wrong passcode

Roleen

By Roleen
in The Macintosh User Group

 Share

Recommended Posts

Brian

Brian

Posted
Posted

You must have somehow turned on two-factor authentication or your password is messed up. There is nothing that I can help you with. You are going to need to call Apple on this one. 

I'm curious, did you do any major OS updates recently? 

Link to comment
Share on other sites
Roleen

Roleen

Posted
  • Author
Posted

Thank you Brian. No absolutely nothing. I don't want to update I'm still using CS6. I was busy working and the computer literally just restarted by itself and then that message came up. I've never ever had it ask me that and can not for the life of me remember if I did a two-factor password setup ever. I'm sure I didn't. Will phone them monday... what a nuisance really. 

Link to comment
Share on other sites
Brian

Brian

Posted
Posted

@Roleen - Hold Up!!!

It's Ransomware!!

I took a look at your screenshot on my Mac instead of my phone and noticed the "Apple.pass@mail.com." That's not an Apple address and do not email them. They will want $50 in Bitcoin.

As Apple's products become more popular, the chances of this type of crap increase. Do you use Time Machine? If so, when was your last backup? 

From what I've read on the internet, this sucker gets into the firmware on the motherboard, so even resetting the Mac doesn't do much. I would still call Apple, but in reality, setup an appointment with the Genius Bar.

Link to comment
Share on other sites
Roleen

Roleen

Posted
  • Author
Posted

Brian you didn't perhaps see how they got access? I've been googling but not finding much. Its Sunday so can only go to the iStore tomorrow. And any chance they'll be able to retrieve any lost data after a format? Do you think it's a firmware problem? I update my security regularly... 

Link to comment
Share on other sites
Brian

Brian

Posted
Posted

What "security" are you using? I hope it's not MacKeeper. That program is worthless and EVIL

This stuff gets in via an infected e-mail, a compromised iCloud account, a infected browser plug-in, even from an advertisement from an infected server that  is in a radio/music player.

I've even seen this type of thing get into a iPhone when the user watches porn from an infected server, jump to iCloud then attack a iMac when iCloud syncs things. It doesn't have to be a porn site either. If anyone in your household downloads illegal music, software and movies via a torrent, it can most certainly get into your computer that way. 

Link to comment
Share on other sites
Brian

Brian

Posted
Posted

It's really hard to say. We won't know how bad it is until they take a look at things. Honestly, the Genius Bar isn't setup to retrieve your data, only to get your Mac working again. You might have lost everything if you don't have a backup or a time machine backup. 

What comcerns me is which one infected your Mac. Hopefully it's not as bad as I'm thinking. 

Link to comment
Share on other sites
Roleen

Roleen

Posted
  • Author
Posted

Yeah... MacKeeper.... 

what would you recommend in furure I use as security? 

Def wasn't any porn sites ? and I don't really use cloud. Have all my important stuff backed up on externals and changed every password I could think off. Just a few important documents I might have lost now which is a pain in the ass, but lesson learned. 

Didn't back up on time machine... 

Link to comment
Share on other sites
Brian

Brian

Posted
Posted
1 hour ago, Roleen said:

Yeah... MacKeeper....

UN-INSTALL IT!!

Worthless program. Waste of money. It's probably how this Ransomware got in.

Well, if your HD does need to be nuked, then just don't re-install MacKeeper, period. Just Google "MacKeeper Scam" and lots of websites pop-up.

Honestly, I don't use any "security" software other than CleanMyMac 3 weekly, and Malwarebytes for the Mac once a month. I also am very skeptical of e-mail with links and make sure my Adobe Flash and Java are up to date. I use Microsoft Outlook for my e-mail program and turn off the automatic preview function. Even though you don't click on anything in the email, if you have preview turned on so it opens the email in a window automatically, "boom!!" you just opened the e-mail.

I also make sure my browsers are up-to-date and avoid using Safari; I prefer Firefox and to a degree, Chrome. I never use Safari on my Mac. It takes Apple a really long time to push out security updates.

In reality, Ransomware is the new kid on the block and is pretty viscous. Just ask all those banks in Europe who were infected. LOL!! If you are looking for an Antivirus software, I'm liking Webroot these days. There is a Windows Version and a Mac Version. 

Link to comment
Share on other sites
Roleen

Roleen

Posted
  • Author
Posted

Hi Brian. 

Sorry for the delayed response. So basically Apple said it had to of been my apple id that was compromised. I'm chewing really hard on that one, but they assured me it was the only way. 

I took the computer to iStore and the technician escalated the case with apple. The apple representative was very helpful. It took apple it a day to sort out whatever they had to for the iStore technician to get into my computer to be able to format it. Formatting was the only way to be able to us it again unfortunately. 

I also checked my other phone and iPad when I got home and soon as they connected to the internet they went into lost mode as well and asked for a pass code and had the same fake mail address at the bottom. (Which is basically just the message you can add in "Find iPhone" apps settings when you put a device in lost mode)

I mailed the apple representative and she assisted me by telling me to go into my "find iPhone" app. From there I was able to get the devices out of lost mode at least. It is just the mac that works differently and can't be rescued from there. 

So they basically locked all my devices including a broken phone and iMac except my current phone. 

It's just such a nuisance, but now I've learned the hard way to back up ALWAYS... 

 

 

Link to comment
Share on other sites
Brian

Brian

Posted
Posted

If there are any "Jailbroken" devices, it could have gotten in via a rogue app. Also, Apple's servers are routinely hacked, just ask all the actors and their naked photos posted online from their iCloud accounts.

My advice...

Make sure your password for iCloud is strong and ONLY use that password for iCould. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...