The Brazilian newspaper Folha de S. Paulo reported last month how criminals had been stealing iPhones in Brazil to access people’s bank accounts instead of reselling the devices. Now, the police seem to have finally figured out how they gain access to bank accounts, and to our surprise, the process seems easier than you might think.
Folha de S. Paulo has now reported that police in São Paulo have arrested one of the gangs that specialize in smartphone theft, and the criminals have detailed how they crack the security of Apple devices. One of them even mentions that he can “unlock all iPhones, from 5 to 11.”
At first, it was believed that the thieves used some exploit or other advanced method (like Cellebrite’s tools) to unlock the stolen iPhones, but the whole thing is much simpler than that. Police Chief Fabiano Barbeiro revealed that criminals need only a single tool to access all the device’s data: the iPhone SIM card.
Basically, thieves take the SIM card out of the stolen iPhone and then put it into another iPhone. Using social networks like Facebook and Instagram, they can easily find out the email address used by the person who had the phone stolen. In most cases, this email address is the same as the one used for the Apple ID. All they need to do is reset the Apple ID password using the victim’s phone number.
Barbeiro says that the easiest way for criminals to find passwords is to look in the Notes app, since many users seem to store bank and credit card passwords there. However, with access to the iCloud account, they can easily get all the passwords from the iCloud Keychain as well.
When they download data from the cloud to the new device, they search for information linked to the word “password” and, according to them, they usually get what they need to access the victim’s bank accounts. Once they have this information, they return the SIM card to the victim’s phone and give the device to the gang member responsible for accessing the bank accounts.
One of the suspects arrested is a 22-year-old computer technician, who told police that he knows at least three other people who instruct criminals interested in getting passwords from stolen smartphones. The São Paulo police have arrested 12 people and already identified 28 others who are involved in smartphone theft. However, the police do not rule out the possibility that some gangs have access to more complex tools to unlock the victims’ iPhones.
Following the previous report, Apple has promised the Brazilian newspaper that it will make it easier for users to delete all data from a stolen iPhone. However, the company did not give details of what exactly it will implement. With iOS 15, users will finally be able to track a powered-off iPhone using the Find My app.
And, of course, the best thing you can do to protect your accounts is not to store your passwords in the Notes app or other non-secure apps. Another good option is to only use an eSIM instead of a regular SIM, as the eSIM cannot easily be transferred to another device.