Apple Inc. (NASDAQ:AAPL) devices are among the most-coveted and stolen devices, and they’re increasingly becoming the target of hackers. This time hackers have discovered a way to exploit the feature that was supposed to make it more difficult for thieves to successfully steal an iPhone. In short, they’re basically stealing the handset virtually, without even putting their hands on it. Then they’re holding it for ransom, demanding money to get it unlocked.

Apple hackers

How this latest Apple hack works

Users on the Apple Support forums shared their experiences with the hack. So far, most of the iPad and iPhone users who have been targeted appear to be in Australia, although a few are located in Europe and North America. Apparently even iMacs have been affected by this hack.

The Apple Inc. (NASDAQ:AAPL) device owners say when they tried to use their device, they discovered that it had been locked. The device is still able to receive messages, however, and the hacker sends a message demanding that the owner of the device make a $50 to $100 payment through PayPal to an email address on Hotmail. The hacker says he or she will unlock the device after the payment is made. A spokesperson for PayPal told the Sydney Morning Herald that there isn’t a PayPal account linked to the email address provided by the hacker and that those who paid to have their Apple device unlocked will receive a refund.

The Australian newspaper reports that affected users received a “lost phone” message from a hacker who claimed to be named Oleg Pliss. There is a well-known software engineer in California who’s named Oleg Pliss, but it’s very unlikely he would be holding iPhones and other Apple Inc. (NASDAQ:AAPL) devices for random. Also there’s a LinkedIn profile for someone with the same name who works in the banking industry in Ukraine and profiles for others who are in Russia.

How to get your Apple device back

Some of those whose Apple Inc. (NASDAQ:AAPL) devices were hacked were able to get them unlocked without paying the ransom. Those who were able to unlock them had a PIN on their device in addition to a password. Others sought help from Apple and / or their mobile carriers to get their devices fixed.

At this point, it’s unclear exactly how the hackers are breaking into these devices. The Verge speculates that the hackers might have gotten their hands on a list of email addresses and passwords. They then could have broken into the Apple Inc. (NASDAQ:AAPL) devices owned by users who have used the same password on their Apple ID as they did on the list the hackers obtained.

It is recommended that those who haven’t done so set up two-step verification for their Apple ID and not use the same password across multiple accounts. A spokesperson for Apple Inc. (NASDAQ:AAPL) reportedly told ZDNet that the hackers did not break into iCloud.