Multiple iOS users in Australia have reported that their devices have been locked by an unknown attacker.
A message appearing on the screen demands US$100 ransom be sent to the attacker via PayPal.
The attacker is using the name 'Oleg Pliss', but it would be extremely unlikely that anyone would use their real name for a criminal endeavour.
From the accounts provided by users (eg, on Apple Support Communities), it appears that the attacker has managed to obtain a list of Apple IDs and the associated passwords.
There is speculation that part of the problem is people's tendency to use the same email address and password as logins for multiple services. If one site is compromised (as eBay was recently), anyone obtaining the details and with the time and expertise to crack the password hashes can try each credential pair against other sites.
In this case it seems that however the attacker got hold of people's Apple IDs, he or she has used the information to log in and use the Find My iPhone to lock the device and display the ransom message.
Judging by reports from affected users, that's only a problem if you haven't already set a passcode on the device, as the remote lock normally can be overridden by entering that passcode once you've visited iCloud.com and taken the device out of lost mode.
Ensuring that your iCloud account has a strong password that you don't use elsewhere is a sensible move. However, at least one affected user says their iPhone was remotely locked a second time after they had changed the password.
If they really were referring to their Apple ID - the message was slightly ambiguous - then it suggests that either Apple's systems have been compromised, communications between users and those systems are being intercepted, or a keylogger or similar is being used to harvest the credentials.
For devices that didn't have a passcode, the solution seems to be to go through the above process and then backup and restore the device via iTunes on OS X or Windows.
The curious thing about the incident is that at least at this stage it seems to be limited to users who purchased their devices in Australia and New Zealand. Some affected users were overseas at the time of the attack.
There is limited evidence - as shown in the above picture posted by Apple Support Communities user 'amberoonie' - that the attacker may be targeting Macs as well as iOS devices.