Researchers uncovered a growing underground ecosystem helping criminals unlock stolen iPhones and launch phishing attacks against victims. While thousands of iPhones are shipped to China and broken down for parts, criminals can make more money by selling unlocked, wiped devices.
Every year, millions of phones are stolen. Now, researchers have unpicked part of the underground web of cybercrime services that can help provide access to stolen iPhones.
“Reselling is a hundred percent what they’re going for,” said Maël Le Touz, a staff threat researcher at Infoblox. He claimed that people from all around the world appear to be buying access to the pay-per-use software. The average cost is below $10. “Most of the people looking to unlock phones clearly don’t have thousands of phones in their hands, they’re not at that scale,” Le Touz said.
While Apple and Google have improved their protections for stolen devices, a variety of more- and less-sophisticated thieves can still make money from stolen handsets: If a phone is unlocked or a thief has its passcode, they can potentially steal money from online bank accounts or crypto wallets; those snatching phones on the streets or in bars can make hundreds of dollars selling them on.
Dan Guido, the CEO and cofounder of security firm Trail of Bits and a strategic adviser to mobile security firm iVerify, said a stolen phone may be worth only $50 to $200 when locked. “But if you unlock it, it’s worth $500, or it’s worth $1,000.” That difference can encourage people to develop ways to try and get into devices. “This whole thing is an ecosystem, and there are multiple people at different levels of the supply chain that all work together in order to unlock phones,” he said.
“Phone thieves don’t just want the handset, they want access to bank accounts and personal information,” mentioned Will Lyne, the head of economic and cybercrime at London’s Metropolitan Police.
Numerous people online have reported receiving phishing messages after losing their iPhones or having them stolen, with attackers aiming to gain access to Apple iCloud accounts and remove them from their phones.
“To make the messages look convincing, they include accurate details of the missing device, such as its model, colour, and storage capacity which the scammers can read directly from the phone itself,” the Swiss National Cybersecurity Center wrote in November. “As there is no known way to bypass this lock, tricking the owner through social engineering is the only realistic option for criminals,” the Swiss body stated.
Also Read: Top Cybersecurity Companies in Dubai
Over the last few years, the number of phones stolen has risen; for example, around 80,000 devices were taken in London in one year. Across the web and on Telegram, there is a thriving ecosystem of software sellers helping power the market for stolen iPhones by providing unlocking tools and technology to produce phishing messages to gain access to a phone, according to findings from researchers at cybersecurity firm Infoblox.