Friday, February 8, 2019

How Hackers and Scammers Break into iCloud-Locked iPhones

Joseph Cox and Jason Koebler:

The iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices. To do this, they phish the phone’s original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. Thieves, coders, and hackers participate in an underground industry designed to remove a user’s iCloud account from a phone so that they can then be resold.


In practice, “iCloud unlock” as it’s often called, is a scheme that involves a complex supply chain of different scams and cybercriminals. These include using fake receipts and invoices to trick Apple into believing they’re the legitimate owner of the phone, using databases that look up information on iPhones, and social engineering at Apple Stores. There are even custom phishing kits for sale online designed to steal iCloud passwords from a phone’s original owner.


“I wish that they would just use iCloud lock for devices that are reported lost or stolen,” Justin Carroll, owner of FruitFixed, an independent smartphone repair shop in Virginia, told Motherboard. “We’ve seen it hundreds of times—people bring in perfectly working and capable phones that have nothing wrong with them and we can’t do anything for them. We’ve even had it happen to us, where we give a loaner phone to a customer, they don’t remove iCloud, they leave the store, and we have an expensive paperweight. That’s incredibly frustrating.”

4 Comments RSS · Twitter

If it is a loaner, I assume they have collateral on file for it. They should have a check-in process for returning loaners, one step of which should be ensuring iCloud is disabled. If it is not disabled, the cost of the phone should be charged to the customer (after they are notified this will occur). That will get them to come back to the store and unlock the loaner fast.

Why would Apple lock a phone from service that hasn't been lost or stolen? Why can't those valid devices be reused? Seems like Apple could be more flexible here, especially given scammers' ability to work around the locks anyhow.

Yes, a charge to the client seems fair, but ultimately Apple is still forcing a brick on devices that just so happens to force people to go buy new devices from…ready…revelation incoming… Apple itself. Pretty nice way to pad the bottom line.

When you see the incredibly creative way Chinese scammers caused several billions' losses on Apple through returns fraud, you can understand why the company takes a jaundiced eye to such requests:

Leave a Comment