MacDirectory Magazine

Charlie Adlard

MacDirectory magazine is the premiere creative lifestyle magazine for Apple enthusiasts featuring interviews, in-depth tech reviews, Apple news, insights, latest Apple patents, apps, market analysis, entertainment and more.

Issue link: https://digital.macdirectory.com/i/1176476

Defeating Remote Wipe

Since users who find their iPhone missing often put it remotely into "Lost Mode" and supply a contact number in the hopes that an honest person will offer to return it to them, thieves can of course use this information to contact the original owner and attempt to scam them into giving up additional information. However, a new report from Engadget reveals that thieves and hackers may be able to get more information from a locked iPhone than they should.

According to the report, the teenage son of leading security expert Marc Rogers, technical advisor for Mr. Robot and organizer of the world's largest hacking conference, DEF CON, recently had his iPhone stolen, with the thieves resorting to some tricks that baffled even Rogers. As one might expect from someone with Rogers' credentials, his son's iPhone was configured almost as securely as an iPhone can be, with all of the latest iOS updates installed and an actual strong password rather than just a four-digit code.

"Since this was my kid we are talking about, the phone was up to date and had a strong password and FaceID enabled, and activation lock was turned on. As soon as the phone was found to be missing it was switched to Lost Mode and later a wipe command was sent to it."
-Marc Rogers, in an email to Engadget

Rogers also added that his son noticed the phone missing less than ten minutes after its theft and immediately "began security protocols," switching it to Lost Mode and later sending a remote wipe command. While this should have been the end of the story, Rogers quickly realized that he was dealing with experienced iPhone thieves.

Firstly, the iPhone had dropped completely off the grid, acknowledging neither the Lost Mode activation nor the remote wipe. This led Rogers to believe that the iPhone had either been powered down immediately or placed in a bag that would block radio frequency signals.
Since professional criminals are well aware of Activation Lock by now, this is known to be par for the course when an iPhone is stolen by an experienced thief, and specialized bags aren't necessarily required — even putting it inside an empty potato chip bag can be enough to block cellular signals from reaching the iPhone, thereby defeating attempts to remotely wipe it. Alternatively, simply powering down the iPhone also works just as well, and in either case, the thief takes the iPhone to a place where no signal can reach it before powering it back up to inspect it.

Switching the iPhone off or blocking its cellular signal won't bypass Activation Lock, but it does prevent the phone from being remotely wiped, which means that all of the user's data — and contact information — remains theoretically accessible, simply hiding behind their password. Once an iPhone is remotely wiped, thieves have almost no chance of getting any contact information that could be used to launch a phishing attack against the original owner, and ultimately the hope is that they manage to score an iPhone with an older iOS version with security vulnerabilities or a very simple passcode that make it possible to hack into it.

'Spearphishing'

In the case of Marc Rogers, however, what happened next was more surprising. A few days after the theft, the teen began receiving "highly targeted messages using information they had apparently managed to extract" from his iPhone. Considering that the iPhone was running the latest version of iOS and used a complex password, this information should not have been accessible by thieves. According to Rogers, the information included not only the child's correct Apple ID and its associated email address, but also the phone number associated with it, "even though the SIM card had been killed."
Using this info, the attackers "sent a range of different messages trying to several different social engineering tactics" to try and get Rogers' son to give up his password or disable the Activation Lock himself. The attacks were made in the form of text messages and iMessages that were made to look like they came from Apple, although the attackers also "rotated through a range different mobile numbers" and iCloud addresses, likely to avoid detection or simply being blocked.

Rogers did some digging online and discovered how common of a problem this is becoming, with many users who have lost their iPhones being directed to click on links in phishing messages that will redirect them to fake "Find My iPhone" pages.

"Apple forums are full of users asking for help after clicking on similar phishing emails. After which their phone is almost instantly deleted from their account, never to be seen again."
-Marc Rogers

What was even more surprising to Rogers was how widespread these "spearphishing" attacks are and the way in which they're being used. Normally, Rogers notes, this kind of very personalized attack is used against "high-value targets" like directors of companies and government officials. The fact that it's now being used against "ordinary smartphone users" suggests that the tools to launch these kinds of attacks have become commonplace.

Leaking Contact Info

However, the most serious thing about Rogers' experience is that the thieves were able to obtain his son's contact info from an iPhone that should have
