Hundreds of mobile phones are stolen every day in the world. Single in Barcelona, 330 smartphone subtractions are recorded daily. There is no doubt that it is a profitable business for thieves and scammers, because in a few hours they can be resold and put back on the market.
And that despite the protections that increasingly incorporate mobile phones, such as the Find My Phone tool. For this reason, many thieves force their victims under threat to give them their password before removing their mobile phone.
Apple introduced a security feature in 2013 designed to make iPhones less attractive to thieves. For this, the iPhone could only be associated with an iCloud account, which means that to reuse it, it is necessary to completely eliminate that account from the phone. A stolen iPhone that is still connected to the iCloud account of the original owner is not for personal use or resale.
It is likely that the security feature of iCloud has reduced the number of iPhones that have been stolen, but criminals have found ways to remove iCloud to resell devices.
The digital Motherboard has published an extensive article in which they describe the novel methods used by mobile thieves to bypass the protections of Apple devices. According to this article, not only hackers and thieves use these methods but also independent repair companies.
But how do hackers and hackers get rid of Apple's protections?
According to Motherboard, thieves cheat the original owners of the phone or scam employees in Apple stores, which have the ability to override iCloud locks.
There are three ways to remove an iCloud account from an iPhone. The first is to obtain the owner's original iCloud password through phishing. The second is that an Apple Store administrator can override iCloud, so scammers can trick Apple Store administrators into unlocking a device that does not belong to them.
The third method is to remove the CPU from the iPhone and reprogram to create a "new" device, something that requires a lot of manpower and is rare. This is usually done in Chinese restoration laboratories and involves theft of a telephone identification number, or IMEI, that is "clean").
Pirates and hackers have created an entire business of unlocking iCloud
Each of these methods is used to unlock specific devices and resell them, although some methods are much easier and more widely used than others.
However, it is the case that not all phones with iCloud are stolen devices, some of them are telephones that are returned to the telecommunications companies as part of the phone's updating and insurance programs. Many of these iPhones legitimately obtained but that have the iCloud blocked serve to supply the independent telephone repair industry with spare parts that can not be obtained directly from Apple.
But apparently, as repair companies know that a phone is worth more unlocked than blocked, some of them have become customers of illegal companies dedicated to unlocking iCloud.
Even repair companies turn to the clandestine business of hackers that unlock iPhones
In practice, this "unlock iCloud" activity involves a complex chain of cybercriminal swindlers. Its activity includes the use of false receipts and invoices to deceive Apple and make it believe that it is the legitimate owner of the phone, as well as use databases that seek information on iPhones and social engineering in Apple Stores. There are even custom phishing kits for online sales designed to steal iCloud passwords to the original owner of a phone.
IPhones are very sought after by thieves because they are worth a lot of money, they are abundant and easy to transport and hide. But it is the case that many owners use the Find My iPhone feature, which allows the customer to log into an Apple website and easily see the precise location of their phone on a map, as well as remotely lock their device.
Find My iPhone has contributed to the arrest of phone thieves. But this has also fueled this clandestine business dedicated to unlocking ICloud accounts.