Hackers Allegedly Find Vulnerability in iOS’ Activation Lock

One of iOS’ security features is Activation Lock. For those unfamiliar, Activation Lock is a mechanism that prevents a thief from resetting and wiping a stolen iPhone unless they enter the owner’s Apple ID and password. This is meant to be an anti-theft measure to discourage thieves from stealing iPhones.

So far the feature has been met with praise, with government officials and lawmakers commending Apple on their efforts. However, it seems that no system is without its flaws, and according to two hackers dubbing themselves as AquaXetine and MerrukTechnolog, they claim to have found a vulnerability in Activation Lock.

The pair claims that this vulnerability not only allows thieves to work around the security mechanism, but could possibly even retrieve Apple ID and passwords and any other information stored on Apple’s iCloud storage service.

The hackers reportedly worked on the vulnerability for five months and broke it by using a dummy computer which tricked the iPhone into thinking it was Apple’s servers, thus reversing the effects of Activation Lock.

Using this technique, the hackers claim to have unlocked 30,000 iPhones in the past few days. The hackers have also attempted to reach out to Apple way back in March, but received no word from the tech giant since then, which prompted them to go public with their findings. Apple has yet to comment on the issue.

Source: ubergizmo.com, maclife.com