The recent iOS 17.3 update is not just any update. It is one of the intermediate versions of iOS 17 with greater relevance by integrating a method of protection against theft which has a curious origin. And it probably wasn’t one of Apple’s priorities, but a series of acts observed in the United States (and surely in other parts of the world) have sounded the alarm.
The operation of this iPhone anti-theft mode basically focuses on prevent thieves from gaining access to our accounts. This prevents them from using the security code to change data such as the Apple ID password or disable the “Search” function. But how could a thief know the code we have on the iPhone? With very studied social engineering.
From a rogue thief to a complete change in how iOS works
A few weeks ago, our colleague Javier Lacort devoted an episode of the “Loop Infinito” podcast to talking about the curious origin of the protection method that iOS 17.3 adds. He cited American journalist Joanna Stern, who detailed in the Wall Street Journal how it all happened. In fact, Stern had already warned on previous occasions about how Thieves used a trick to take advantage of a years-old iOS vulnerability and which Apple did not realize.
There are several cases like that of Aaron Johnson, a well-known iPhone thief who the reporter spoke with about this feature. Johnson, who is already in prison for stealing an iPhone, detailed the operating mode which he made and which he shares with other thieves in the United States.
We’ve already warned that it’s probably not a thing in this country and it’s probably something widespread in Latin America, Europe and, unfortunately, throughout the world
University students party, favorite victims of thieves
In introduction/summary, let’s say that the technique essentially consists of gain the victim’s trust and discover their unlock code. Johnson says cocktail bars and other party venues were his favorite haunts, as he had more opportunities to capture victims enjoying the party atmosphere and, why not say, in some cases they were also intoxicated by alcohol.
Looking at the camera module was a good way for Aaron Johnson to distinguish those who owned an iPhone
It was aimed mainly at young university students. He said he observed them for a few minutes and noticed they were using an iPhone. He Why did I select Apple phones and not Android? This is because, as Johnson commented, iPhones are not only easier to sell on second-hand markets, but they also fetch a higher resale price than other devices. But above all, it is on these devices that the vulnerabilities could be exploited.
And that’s where counting comes in. this happened before iOS 17.3. In previous versions (also in iOS 17.3 if the new protection mode is not activated) it is possible to change security functions by simply entering the iPhone security code. Even signing out of your Apple ID or turning off Find My iPhone works with this unique code. Although perhaps the most striking thing is that you can access the passwords section.
Returning to the evenings where Johnson observed possible victims, he had different techniques to obtain the security code. Some were just trying to sympathize with them, even going so far as to use selling drugs as an excuse. At one point, I asked them for their iPhone to join Snapchat, a social network still very popular with young Americans. At one point, he claimed the iPhone was locked so he could friendly ask them for the code (or let them enter it) and then remember it.
In the end, it’s all part of gain the trust of people who find themselves in a festive and relaxed atmosphere. Although it also details other techniques such as recording them remotely on video in order to see what code they use when unlocking their iPhone. Sometimes he was simply nearby and his own eyesight helped him observe what numbering his victims were using.
What did you do after having the stolen iPhone in your hands?
Stealing the iPhone itself is probably the easiest part of everything, although it is the most dangerous. Johnson doesn’t go into detail about it, but unfortunately it’s all written down and there are many techniques that thieves of items use to steal them silently. The important thing is what he did afterwards.
Apple Pay payments were the fastest and safest way to spend victims’ money
Now far from the victims, Johnson had a vital password to access all of the victim’s information. He changed the Apple ID password to prevent the victim from locating it, deleted the victim’s face from Face ID and added his own… And quite simply with the security code of the iPhone that his rightful owner has established.
Of course, Johnson made a lot of money from the stolen iPhones by selling them used. However, this is not what brought him the most money. He literally stole money from the victims and in the simplest way possible now having full access to your iPhone.
The thieves not only sold the iPhone itself, but also stole money from the victims by making transfers to their accounts and making payments through Apple Pay.
I had several ways to do it, from making purchases and paying with Apple Pay to transferring large sums with access to his banking applications because, as we said previously, he also had access to the password bundle and if the victim saved his banking credentials there, Johnson could see them without difficulty.
It also attracts attention because the circle was closed when it came to Apple product traffic
The end of Johnson’s activity occurred almost a year ago, as He was arrested in March and then sentenced to 94 months in prison. as a result of all acts committed. He himself pleaded guilty at the trial, in addition to implicating 11 other people with whom he acted and of whom it is not known if they have already been arrested or if, on the contrary, they are still free and active.
How iOS 17.3 is protected from this system vulnerability
Due to the unrest caused in the country by the reporting of the Wall Street Journal reporter (Johnson’s testimony is only the end), Apple began to develop protective measures that They won’t prevent the iPhone from being stolen, but they will protect our data and money making techniques like those of Aaron Johnson ineffective.
In the “Face ID/Touch and code” section of iOS 17.3, a new option now appears called “Device Theft Protection”. Function disabled as standardit is therefore recommended to activate it.
Activation of this function is Add another layer of security by requiring Face ID for certain actions and in certain situations. That is to say, to carry out modifications like those made by thieves like Johnson, it will be necessary to recognize the face, without any possibility of using only the code.
The “certain situations” come from the fact that, as already mentioned in the aforementioned settings section, it is only enabled when you are far from a reliable location, thus leaving places like our home or work exempt. And it is assumed that in these places the risk of finding thieves like Johnson is not at all likely.
In Applesfera | What to do if your iPhone is stolen: Step by step to recover, lock or erase it remotely
In Applesfera | How to create an iCloud account from any device
Table of Contents
