Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How effective is this type of crime system with Activation Lock-secured iPhones? You can't just wipe an iPhone from DFU mode and then set it up normally without the owner's Apple ID information.

Do they try to sell to people who they know won't check if the device has Activation Lock and then disappear when the buyer discovers it doesn't work?



There are very convincing phishing attacks used to get the original owner to reveal their Apple password: https://krebsonsecurity.com/2017/03/if-your-iphone-is-stolen...

I know someone who fell for this. Even though they were skeptical when they received the message, they thought there was a chance it was legit, and therefore gave them some change to recover their stolen phone. I guess they had nothing to lose, as the chance of recovering the phone was ~zero anyway.


Krebs really needs to stop publishing people’s PII.


Very common to then aggressively try to phish the user's iCloud credentials and remove the activation lock; third-party vendors offer this sort of service, and they're very convincing.


> How effective is this type of crime system with Activation Lock-secured iPhones?

Can't you just patch out the check with the checkra1n bootloader exploit?


Worst case, you can still use it as a bag of spare parts maybe?


Or sell the dud locked phone to some sap on ebay then disappear off the face of the earth a couple hundred bucks richer, as is done.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: