Report: Criminals lock users out of their stolen iPhones using Apple’s recovery key.
iPhone users can reset their Apple ID password or restore access to their Apple ID account using Apple’s recovery key function.
Now, a Wall Street Journal study demonstrates how thieves and cybercriminals can utilize Apple’s advanced security setting to lock a person out of a stolen iPhone. A thief can change the Apple ID password for the original iPhone owner in the Settings app using the 28-character random sequence. The thieves can then delete the phone’s data and disable Find My iPhone on the device to stop the victim from tracing its position.
Greg Frasca, 46, reportedly lost access to his iPhone 14 Pro after it was stolen from a Chicago bar in October, according to a Wall Street Journal report. After the phone was stolen, thieves utilized the information he provided to reset Frasca’s Apple ID password after they saw him typing his passcode at the bar. They allegedly activated the recovery key feature and entered the 28-character code to prevent Frasca from using Apple’s Find My feature to track the stolen iPhone. As a result, the victim is unable to access files like photos and videos or remotely erase the device via iCloud.
Criminals can steal money using Apple Pay or other banking and financial apps if they get access to the stolen iPhone. They can also gain access to sensitive data on the iPhone including photos, files, and emails.
With the release of iOS 15 in 2020, Apple added recovery keys to increase the security of Apple accounts. To change the password or restore access to an Apple ID, utilize a recovery key. Apple immediately disables account recovery after a user creates a recovery key. The user may lose access to their account permanently if they misplace the device and recovery key. On a trusted device that is logged in with your Apple ID, go to Settings or System Preferences to obtain the recovery key.
In response, Apple allegedly stated that it is “always investigating additional protections against emerging threats like this one.” According to the story, an Apple representative said, “We sympathize with those who have had this experience and we take all attacks on our consumers, no matter how rare, extremely seriously. We continuously look into new defenses against emerging threats like this one in addition to the painstaking work we do every day to safeguard the accounts and data of our users.
The most recent instance serves as a reminder of how crucial it is to protect your iPhone. Apple’s biometric unlocking systems, Face ID or Touch ID, are advised for use in public settings by iPhone users. They can also gain access to sensitive data on the iPhone including photos, files, and emails.