Every year, millions of phones, particularly iPhones, fall victim to theft. While a portion of these stolen devices is shipped to countries like China for components, a lucrative underground market exists for those seeking to unlock and resell these devices. Research from cybersecurity firm Infoblox has shed light on this thriving cybercrime ecosystem, where tools for unlocking iPhones and conducting phishing attacks are frequently exchanged.
Infoblox has documented numerous groups that sell software solutions focused on unlocking iPhones, with more than 10,000 phishing sites tied to these illegal activities. The usage of these phishing websites has surged by 350% over the past year. Maël Le Touz, a threat researcher at Infoblox, highlights that most of these purchasers are not large-scale operators but rather individuals seeking to profit from the sale of unlocked devices, which can fetch prices between $500 to $1,000 compared to just $50 to $200 when locked.
The uptick in phone theft is alarming, with reports indicating that around 80,000 devices were stolen in London alone within a year. Despite Apple and Google’s strides in enhancing security for stolen devices, the opportunities for thieves to access personal information and bank accounts remain fertile ground for exploitation. Cases have emerged of organized teams, such as a group apprehended by London’s Metropolitan Police, who had dealt with over 5,000 stolen phones, misappropriating funds from financial accounts.
Security experts assert that these phishing attacks often mimic legitimate services, leading to significant breaches. For instance, Infoblox investigated a case where a stolen iPhone user received phishing messages designed to extract personal details by impersonating the ‘Find My iPhone’ service. Scammers utilize accurate details from the devices to make their fraud attempts seem credible.
Infoblox’s researchers began exploring the landscape of stolen-phone unlocking following reports of phishing attempts on users who had lost their devices. Subsequent investigations led them to identify various unlocking services advertised on platforms like Telegram, where individuals share methods for accessing locked devices and conducting phishing operations.
These services range from tools that claim to jailbreak older phones to phishing kits designed to deceive users into revealing their account information. Researchers noted that proper physical access to the device is crucial for unlocking efforts. While some posts in these groups attempt to mask their illegal intentions, the nature of the tools and the methods employed indicate otherwise.
Although Telegram was contacted regarding these illicit channels and removed several groups linked to the activities, the issue remains pervasive. Apple has made great strides in securing its devices, with improved features for stolen device protection, although some security measures may not be enabled by default.
As a safety measure, authorities encourage users to activate built-in anti-theft features, stay vigilant while using their phones in public, and regularly update software to mitigate the risks of falling victim to phone theft and associated cybercrimes.
