Specialised equipment is usually required to brute force access into an iPhone and the data contained within it. Israeli firm Cellebrite make equipment that facilitates just that and supplies it to Governments across the globe. However now it seems criminals in Brazil have somehow exploited security flaws to bypass Face/Touch ID and alphanumeric passcodes.
The chief of Police Roberto Monteiro provided more context that explains how the gang was able to achieve this. It would seem pirated applications sold via the dark web have enabled the gang to steal user data including bank details.
“From the moment they managed to unlock the phones, the gang evaluate what’s inside of them. If the people have bank account information, they use another software to take off the data and then start to steal their money,”
Roberto Monteiro
It seems the Criminals have switched techniques and rather than SIM cloning are now using software to brute force into a device with direct access. Of course, unlike SIM cloning this does require physical possession of the device.
Fortunately, Apple is going to put some power back in the hands of customers with its upcoming iOS 15 software update. Find my iPhone will now function even when a device is powered off, enabling a user to locate the device remotely. Previously this required the device to be powered on. Better still the feature will work even if a device has been wiped making the phone akin to a hot potato for a criminal.
It isn’t clear how the new find my iPhone features will work when a phone is powered off but I suspect it uses Bluetooth low energy or similar. Apple has previously implemented a similar solution for express card support on public transit. The aforementioned feature enables a user to authenticate at transit terminals even when the device is switched off.
Citation
Featured image: Mark Chan via Unsplash