A new report from Motherboard today looks into the world of hacking iCloud-locked iPhones. While turning on Find My iPhone (which enables the iCloud lock) is generally thought to be quite secure, Motherboard highlights several ways that thieves, hackers, and coders are getting around the security feature to sell stolen (and non-stolen) devices.
The primary way to get gain access to an iCloud-locked iPhone or iOS device is to enter the password for the iCloud account. The Motherboard article notes that there has been an uptick in muggings where thieves have been asking victims to enter their passwords to turn off Find My iPhone and log out of iCloud before stealing their device. However, that’s not the main way that thieves and hackers are trying to get around the iCloud lock. The two most popular approaches appear to be creating fake receipts and phishing scams, with phishing kits actually sold for novice iPhone thieves.
Motherboard notes that there’s also an elaborate and complicated scheme to reprogram a stolen iPhone with a new IMEI number, but that it’s not very common.
Another complicating matter is that often times legitimate companies like wireless carriers end up with iCloud-locked devices due to customer mistakes when trading in an iPhone. However, based on Motherboard’s research, Apple doesn’t appear to work with third-party companies to unlock iPhones in bulk. These companies add to the stream of iCloud-locked devices on the second-hand market.
The community of iPhone hackers, coders, and thieves has grown along with the increase in iCloud-locked iPhone sales. They often communicate via group chats with apps like Telegram to share tips and tricks. Motherboard was able to gain access to one such chat group and learned more about how they approach unlocking iPhones.
Hackers seem to be using unofficial tools to check on the status of iPhone iCloud-lock status to help them start the process of getting around the security feature.
More concerning, is that some third-parties claim to sell access to Apple’s internal system, GSX for $199. However, some of the offers Motherboard encountered appeared to be scams.
As for the iCloud-lock phishing kits that are being sold, they are custom designed to trick the owner of the lost or stolen iPhone into giving up their password. They even offer the novice thief tutorial videos on the process.
The iCloud specific phishing kits are sold for as little as $75.
As for the fake receipt approach, Mick Ventocilla, owner of Lakshore Tech Repair told Motherboard that he knows people in the repair industry who attempt the tactic.
In another underground chat, Motherboard discovered fake iPhone receipts going for about $150.
Some hackers report that they even have gotten the iCloud-lock removed from iPhones via email with Apple Support.
The full story is a fascinating read, check out the full Motherboard article here.