Your iPhone Passcode Can Help Criminals Steal Your Money and Data
According to a report by The Wall Street Journal, criminals are exploiting a simple iPhone passcode vulnerability to steal people’s entire digital life.
With only the iPhone and its passcode, an interloper can within seconds change the password associated with the iPhone owner’s Apple ID.
This results in the victim locking out of their account, which includes anything stored in iCloud.
The thief can also use the phone’s financial apps since the passcode can unlock access to all the device’s stored passwords.
“Once you get into the phone, it’s like a treasure box,” said Alex Argiro, who investigated a high-profile theft ring as a New York Police Department detective.
“This is growing,” he said. “It is such an opportunistic crime. Everyone has financial apps,” noting that there have been hundreds of such crimes in the city lately.
Reyhan Ayas, a 31-year-old economist, had his iPhone 13 Pro Max leaving a bar in Midtown Manhattan. Within minutes, he was locked out of her iCloud account, and over the next 24 hours, about $10,000 vanished from her bank account.
All of the victims interviewed by The Wall Street Journal said their iPhones were stolen while they were out at night socializing.
Some said the phones were grabbed out of their hands by someone they had just met. Others said they were physically assaulted and intimidated into handing over their phones and passcodes.
According to an Apple spokeswoman, account-recovery policies are now in place to protect users from bad actors accessing their accounts.
“Security researchers agree that iPhone is the most secure consumer mobile device, and we work tirelessly every day to protect all our users from new and emerging threats,” the spokeswoman said.
“We sympathize with users who have had this experience and we take all attacks on our users very seriously, no matter how rare,” she said. “We will continue to advance the protections to help keep user accounts secure.”
A similar vulnerability exists in Google’s Android mobile operating system. However, the higher resale value of iPhones makes them a far more common target.