How to unlock Apple device after ransomware attack?

by Jake Doe - -


Issue: How to unlock Apple device after ransomware attack?

My iPhone screen is locked and asks to send an email to I am pretty sure it’s a virus because I was asked to pay 50 USD for unlocking the phone. Is there a way to get back my phone without paying?

Solved Answer

Recover now! Recover now!
Reimage is recommended to recover required system components. To get a detailed report and in-depth analysis about your system, use the free scanner. To recover needed system components, please, purchase the licensed version of Reimage Reimage recovery tool. ransomware is a lock-screen malware that aims ant iOS and macOS[1] devices. It is reported that malware aims at iPhones and MacBook Air laptops. Once the infection gets into the device, it locks the screen where crooks ask to contact them via email address:

Hello! Your device is blocked for activation of device: pay $50 for a Bitcoin address. Inform us about the payment and we will send the passcode.
All your devices will be blocked within 24 hours if not receive payment.

Criminals who are standing behind this cyber threat demand to pay $50 for unlocking the device. Even though it’s a considerably small ransom, security experts do not recommend paying it.[2] It might not only be a motivation for cyber criminals to create further illegal projects, but they might ask for more money and never unlock your iPhone, iPad or MacBook.

Security experts claim that this threat mostly operates as screen-locker and barely can damage the system. However, it might be capable of stealing Apple ID and iCloud credentials[3] and enabling “Find My iPhone” feature. As a result, criminals have full access to the device.

Instead of paying the ransom, you should try to unlock the device yourself and terminate the virus.

How to unlock Apple device after ransomware attack

Methods to remove virus from the device

As you already know, you should not pay the ransom to get back access to your device. Thus, you should remove this Apple malware from the device by following these steps:

Step 1. Restart or force-restart your device

In order to restart your iPhone or iPad, follow these instructions:

  1. Press and hold the Sleep/Wake button until you see the slider on the screen.
  2. Then drag the slider for the shutdown.
  3. Press Sleep/Wake button again.

If malware prevents from restarting the device, you can force re-start it.

Force re-start iPhone 6 and earlier version of the device:

  1. Simultaneously press and hold Sleep/Wake button and Home button for about 10 seconds.
  2. Release the keys when you see the Apple logo on the screen.

Force re-start iPhone 7 and iPhone 7 Plus:

  1. Simultaneously press and hold Sleep/Wake and Volume Down buttons for about 10 seconds.
  2. Release the buttons once you see the Apple logo on the screen.

If your MacBook suffered from he virus, you could restore the device by removing the battery and inserting it again.

Step 2. Stop malicious processes and delete malware-related files

Once you unlock the device, you have to check for virus-related files and processes that might be running on the system:

  1. Open Finder, got to Applications.
  2. Open Utilities folder and access Activity Monitor.
    Open Activity Monitor
  3. Attentively look through the running processes. If some of the entries seem malicious, highlight the process with the mouse and click the “i” button located on the top.
  4. It will open a window with technical information.
    Technical information about suspicious file
  5. Click Sample button and wait until the file will be generated.
    Creation of the file sample that should be tested
  6. Check the file in Virus Total online scanner or antivirus program. If the file is identified as dangerous, delete it.

Note. You have to check all files that seem suspicious.

Step 3. Run security software

To make sure that ransomware virus is terminated entirely, you should scan the system with reputable and updated security software. We recommend MacCleanse or MacKeeper. If some malicious entries were left on the system, your chosen security software will remove them.

Unlock hijacked iPhone by changing your Apple ID

  1. Go to using your computer or another device.
  2. Choose “Forgot Apple ID?” option.
  3. Enter requires details: firs name, last name and email address.
  4. Click Continue.
  5. Enter the requested information and choose between two options how you want to reset your password – get an email or answer security questions.
  6. Follow the further instructions to reset the password.

What should you do if nothing has worked?

In some cases, ransomware prevents from restarting and force re-starting computer. If you found yourself in such an unpleasant situation, you should contact Apple Support. The specialists will provide you further instructions how to get back access to your device.

Keep in mind that paying the ransom should not be considered! There’re no guarantees that authors of the ransomware will provide a working solution.

Recover files and other system components automatically

To recover your files and other system components, you can use free guides by experts. However, if you feel that you are not experienced enough to implement the whole recovery process yourself, we recommend using recovery solutions listed below. We have tested each of these programs and their effectiveness for you, so all you need to do is to let these tools do all the work.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided software you agree to our privacy policy and agreement of use.
do it now!
recovery software Happiness
do it now!
recovery software Happiness
Compatible with Microsoft Windows Compatible with OS X
Do you have any trouble?
If you are having problems related to Reimage, you can reach our tech experts to ask them for help. The more details you provide, the better solution they will provide you.
Reimage - a patented specialized Windows repair program. It will diagnose your damaged PC. It will scan all System Files, DLLs and Registry Keys that have been damaged by security threats.Reimage - a patented specialized Mac OS X repair program. It will diagnose your damaged computer. It will scan all System Files and Registry Keys that have been damaged by security threats.
This patented repair process uses a database of 25 million components that can replace any damaged or missing file on user's computer.
To repair damaged system, you have to purchase the licensed version of Reimage malware removal tool.

About the author

Jake Doe
Jake Doe - Computer technology geek

Jake Doe is a News Editor at Ugetfix. Since he met Ugnius Kiguolis in 2003, they both launched several projects that spread awareness about cybercrimes, malware, and other computer-related problems.

Contact Jake Doe
About the company Esolutions


What you can add more about the problem: "How to unlock Apple device after ransomware attack?"