Brazilian iPhone thieves reveal trick to hack devices with shocking ease | #ios | #apple | #iossecurity | #cybersecurity | #infosecurity | #hacker

A gang of thieves caught stealing iPhones in Brazil was able to access user accounts and data simply by swapping the SIM card to another phone and looking up the user’s email address online, a new report has revealed.

Folha De S.Paulo reports on a recently-caught gang who specialized in “hacking bank accounts after the theft of mobile phones” in late 2020. The report says that one of the criminals boasted to police they could unlock “all models of iPhone” from the iPhone 5 right up to the iPhone 11. (the iPhone 12 hadn’t been released in Brazil at the time)

Whilst it had been postulated the gang was using some crazy hacking tool or system, it had actually found a very simple way to bypass iPhone security with worrying ease:

According to Barber, to get the devices unlocked, he removed the chip from the stolen device and insert it into another unlocked device. Then, he started doing searches on social networks (especially Facebook and Instagram) to find out which account was linked to that line number.
Then, he went to search for the email address that the victim used to back up the contents of the device, especially in clouds iCloud and Google Drive, first searched for extensions @gmail.com.

The report says the criminals were seemingly able to restore new phones from an iCloud backup, and would then scour the device for password information stored in an app likes Notes, or within iCloud Keychain for something like credentials for a banking app.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

The report says 12 people were arrested last year as part of the scheme, with another 28 identified as members, it describes how “young men on bicycles” would steal phones from pedestrians, switching the phone to camera mode to stop the iPhone from locking and turning on airplane mode to stop the device being tracked. This explains how the criminals were able to also bypass basic iOS security measures like Touch ID and Face ID, as well as the alphanumeric password protection usually required to unlock a device for use.

You can read the full report here.

var fbAsyncInitOrg = window.fbAsyncInit;
window.fbAsyncInit = function() {
if(typeof(fbAsyncInitOrg)==’function’) fbAsyncInitOrg();
appId: “291830964262722”,
xfbml: true,
version : ‘v2.7’

FB.Event.subscribe(‘xfbml.ready’, function(msg) { // Log all the ready events so we can deal with them later
var events = fbroot.data(‘ready-events’);
if( typeof(events) === ‘undefined’) events = [];

var fbroot = $(‘#fb-root’).trigger(‘facebook:init’);

Original Source link

Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.