Cybercriminals Hacked Apple Devices through Apple IDs 

Important report reveals cybercriminals hacking Apple devices through users' Apple IDs, demanding devices protection from unauthorized access

Cybercriminals have hacked Apple devices, including iPhones, Mac computers, Apple watches, and iPads, through users’ Apple IDs, a new report shows. 

This method draws the devices with notifications requesting users to change their Apple ID passwords. 

Security blog KerbsOnSecurity reported that many Apple users have complained about receiving tons of notifications requesting their permission to change their passwords across all devices. When users received these notifications, they had to interact with each one, one by one, by pressing the notifications and then choosing to allow or not to change the password. As a result, interacting normally with the phones or watching anything became a hassle.  

Vulnerable Engineering  

If the user presses the approval button by mistake, the cybercriminals that hacked Apple then pretends to be a representative of Apple’s customer service. He will reach out to the user via a phone call, claiming that the company has detected hacking attempts on their accounts. The attacker will ask the user to share the code sent via SMS, for security purposes. 

Once the social engineering trick succeeds, the attacker enters the temporary code to complete the password change of the victim’s account. From this point on, the user is under the hacker’s control. The attacker can now blackmail the victim or steal their data, photos, files, and even their banking information stored on the account. Simultaneously, the user is permanently ejected from all devices registered with the same account, and all data on those devices can be remotely deleted.  

The report also gave the example of Chris, a user who changed his phone and created a new Apple ID using different details. Once he activated the new phone, the annoying notifications started appearing again. Since the only information shared between his hacked Apple ID and the new one was his phone number, the attackers must have used that detail to launch their campaign. 

Recovery Key Fails to Secure Accounts 

According to the report, Apple’s system has two flaws when it comes to changing user account passwords. The first enables the hacker to send an unlimited number of notifications to users’ devices within a short period. This large number of notifications increases the probability that users will feel pressured and accidentally approve the password changes. 

The second one is that the Apple Recovery Key feature, which is mainly designed to protect Apple ID accounts, does not prevent password changes through the conventional method, which involves sending notifications to users’ devices. As a result, the Recovery Key fails to fulfill its intended purpose of securing the accounts against unauthorized access. 

Apple has yet to comment on the situation. 

Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.