You will find the way to change Apple ID locked on iPhone

Six-digit password and fingerprint sensor Touch ID can not fully protect the owners of iPhone 6s from hacking. To such conclusion experts of the company Morphus Labs, analyzing what happened on this week’s incident.

The owner of the iPhone 6s turned to Morphus Labs on the third day after the theft of a smartphone. According to him, the kidnappers changed the passwords to some of his accounts, including your Apple ID, and even contacted his Bank with a request to get the password to the Bank accounts. Fortunately, they did not manage to steal money, but it was unclear how the attackers were able to change the Apple ID on a locked smartphone.

The researchers immediately rejected the idea of a targeted attack (i.e., the attackers had not planned to steal this iPhone), according to Securitylab. Nothing but a mobile device, the victim is not lost. So, the kidnappers had neither her name nor email address nor any other personal data.

Since the discovery of the loss before locking the victim of SIM card it took only two hours, and the attackers had little time to find password to unlock the smartphone. A password should consist of six characters that were reliable and without any confusion with the identities of victims (neither birth date nor the number of the car that the kidnappers, if desired, could learn).

To change the password to your account, Google requires at least a username (email address). How hackers managed to get it? In the Network there are services that offer by IMEI know your Apple ID, but the process takes 24 to 48 hours, and in the disposal of the attackers was not more than two.

All I could get hackers – the phone number of the victim. According to researchers, Google lets you know the email address of the user, putting only his name, surname and phone number. The researchers decided to reproduce the alleged actions of the attackers. They purchased the iPhone 6s and registered an account of Google and Apple.

Acting as the kidnappers, the experts first took out SIM card and put it into another smartphone, learning so a phone number of a “victim”. Then they tried to go the easy way and calculate the user’s name, just typing in Google search the phone number but to no avail. In Facebook search also gave nothing.

Here came to the aid of WhatsApp. One of the researchers remembered that if a member of the group conversations in WhatsApp will get a message from a user that is not in the contact list, its name will be displayed with the phone number. So, sending a message from a blocked iPhone group in WhatsApp, you can get the user name. Knowing the phone number, the researchers sent him a message in WhatsApp, the notification reflected on the lock screen locked iPhone.

With sales in the smartphone technology 3D touch experts replied to the message directly from the lock screen, and then added a contact in group WhatsApp. The researchers once again sent a message, answer it from the lock screen and voila – got the name “victim”. Having a telephone number, name and surname, they were able to obtain through Google, and email address, and then change the passwords to your Google account. Then change the Apple ID was not difficult.

Clifton Nichols

Clifton Nichols

Hi! I’m Clifton and I am a full-stack engineer with a passion for building performant and scalable applications that are beautiful and easy to use.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *