How Hackers and Scammers Break Into iCloud-Locked iPhones
Sunday February 10, 2019. 04:15 PM , from Slashdot/Apple
Motherboard's Joseph Cox and Jason Koebler report of the underground industry where thieves, coders, and hackers work to remove a user's iCloud account from a phone so that they can then be resold. They reportedly are able to do this by phishing the phone's original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. The other method (that is very labor intensive and rare) involves removing the iPhone's CPU from the Logic Board and reprogramming it to create what is essentially a 'new' device. It is generally done in Chinese refurbishing labs and involves stealing a 'clean' phone identification number called an IMEI. Here's an excerpt from their report: Making matters more complicated is the fact that not all iCloud-locked phones are stolen devices -- some of them are phones that are returned to telecom companies as part of phone upgrade and insurance programs. The large number of legitimately obtained, iCloud-locked iPhones helps supply the independent phone repair industry with replacement parts that cannot be obtained directly from Apple. But naturally, repair companies know that a phone is worth more unlocked than it is locked, and so some of them have waded into the hacking underground to become customers of illegal iCloud unlocking companies.
In practice, 'iCloud unlock' as it's often called, is a scheme that involves a complex supply chain of different scams and cybercriminals. These include using fake receipts and invoices to trick Apple into believing they're the legitimate owner of the phone, using databases that look up information on iPhones, and social engineering at Apple Stores. There are even custom phishing kits for sale online designed to steal iCloud passwords from a phone's original owner. There are many listings on eBay, Craigslist, and wholesale sites for phones billed as 'iCloud-locked,' or 'for parts' or something similar. While some of these phones are almost certainly stolen, many of them are not. According to three professionals in the independent repair and iPhone refurbishing businesses, used iPhones -- including some iCloud-locked devices -- are sold in bulk at private 'carrier auctions' where companies like T-Mobile, Verizon, Sprint, AT&T, and cell phone insurance providers sell their excess inventory (often through third-party processing companies.)
Read more of this story at Slashdot.
Apr, Mon 22 - 06:41 CEST