The two Russian hackers, one 23-year-old and another 17-year old from Moscow, reportedly confessed to scamming users into giving away their Apple IDs and using the Find My iPhone feature to lock the devices until the victims paid a ransom of up to $100 USD.
The press release stats that authorities have searched the hackers' apartments and seized computers, phones, SIM cards and "literature" on hacking.
How They Phish the user ?
One of them was hacking users’ email accounts and elaborate phishing pages to glean victims’ Apple ID credentials. The second scheme – which may or may not related to the Oleg Pliss scam – allegedly bound devices to prearranged accounts and used “various internet resources to create ads.” Those ads promised access to Apple ID accounts that contained “a large amount of media content.” As soon as someone accepted the offer and linked their device to the account, attackers hijacked the devices.