惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

Security Latest

British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos World Cup Scams Are Getting Harder to Spot A Critical Deadline Is Approaching for Windows and Linux Security Hackers Claim to Leak Stolen Madison Square Garden Data How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society ‘Dangerous’ AI Models Are Coming No Matter What Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses The FCC Wants to Kill Burner Phones Grok Is Still Hosting Sexualized Deepfakes of Famous Women Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition Tools in the US Soccer Fans, You’re Being Watched Mapping Every Flock License Plate Reader Near US World Cup Stadiums Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report All the Ways Europe Is Ditching American Technology Crypto-Funded Chinese Peptide Labs Are Booming Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests The Romance Scammer Who Made a Small Fortune Posing as a WWE Superstar Websites Can Now Spy on You Through Your Hard Drive Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks Internet Starts to Return in Iran After 3-Month Blackout US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows The AI Era Is Creating a Bug-Hunting Arms Race The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers ‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale The EU Is Going Through a Trump-Fueled Breakup With Big Tech A Bipartisan Amendment Would End Police License Plate Tracking Nationwide Madison Square Garden Bans Lawyer Representing New York Cop Injured at a Boxing Match Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds You Can Get Some of Your Nudes Removed From the Internet Under a New Law An ICE Firearms Trainer Was Involved in At Least 4 Deadly Shootings Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording DHS Plans Experiment Running ‘Reconnaissance’ Drones Along the US-Canada Border WhatsApp Adds Meta AI Chats That Are Built to Be Fully Private Foxconn Ransomware Attack Shows Nothing Is Safe Forever Iran Is Using Tiny ‘Mosquito’ Boats to Shut Down the Strait of Hormuz Hackable Robot Lawn Mower Unlocks a New Nightmare You Can Disable Gemini in Chrome if It’s Freaking You Out Cybercriminals Are Complaining About AI Slop Flooding Their Forums DHS Demanded Google Surrender Data on Canadian’s Activity, Location Over Anti-ICE Posts Disneyland Now Uses Face Recognition on Visitors OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards California Engineer Identified in Suspected Shooting at White House Correspondents Dinner Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet AI Tools Are Helping Mediocre North Korean Hackers Steal Millions Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox Meta Is Sued Over Scam Ads on Facebook and Instagram They Built a Legendary Privacy Tool. Now They’re Sworn Enemies The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad It Takes 2 Minutes to Hack the EU’s New Age-Verification App Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance The Shocking Secrets of Madison Square Garden’s Surveillance Machine Europe’s Online Age Verification App Is Here The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market The FCC Has a Fast Lane for Complaints About Trump’s Media Critics Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators The Dumbest Hack of the Year Exposed a Very Real Problem Your Push Notifications Aren’t Safe From the FBI How the Internet Broke Everyone’s Bullshit Detectors Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think Politicians Are Spending More Money on Security as They Increasingly Become Targets ‘We Were Not Ready for This’: Lebanon's Emergency System Is Hanging by a Thread Men Are Buying Hacking Tools to Use Against Their Wives and Friends Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything Border Patrol Agents Sold Challenge Coins With ‘Charlotte’s Web’ Characters in Riot Gear Hackers Are Posting the Claude Code Leak With Bonus Malware Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards ‘Uncanny Valley’: Iran’s Threats on US Tech, Trump’s Plans for Midterms, and Polymarket’s Pop-up Flop What Happens When a Nuclear Site Is Hit? Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool Iran Threatens to Start Attacking Major US Tech Firms on April 1 The US Military’s GPS Software Is an $8 Billion Mess The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work
Your iPhone Gets Stolen. Then the Hacking Begins
Matt Burgess · 2026-05-14 · via Security Latest

Every year, millions of phones are stolen. While thousands of iPhones are shipped to China and broken down for parts, criminals can make more money selling a device that has been unlocked and wiped. Now researchers have unpicked part of the underground web of cybercrime services that can help provide access to stolen iPhones.

Across the web and on Telegram, there’s a “thriving” ecosystem of software sellers helping power the market for stolen iPhones by providing “unlocking” tools and the technology to produce phishing messages to help get access to a phone, according to findings from researchers at cybersecurity firm Infoblox. The company says it has tracked “dozens” of groups selling unlocking tools, mostly with a focus on iPhones, and has linked more than 10,000 phishing websites to the activity. Traffic to these domains increased 350 percent last year, the researchers say.

“Reselling is a hundred percent what they’re going for,” says Maël Le Touz, a staff threat researcher at Infoblox, who says people from all around the world appear to be buying access to the pay-per-use software. The average cost is below $10. “Most of the people looking to unlock phones clearly don’t have thousands of phones in their hands—they’re not at that scale,” Le Touz says.

Over the last few years, the number of phones being stolen has risen—for example, with around 80,000 devices being taken in London in one year. While Apple and Google have improved their protections for stolen devices, a variety of more- and less-sophisticated thieves can still make money from stolen handsets: If a phone is unlocked or a thief has its passcode, they can potentially steal money from online bank accounts or crypto wallets; those snatching phones on the streets or in bars can make hundreds of dollars selling them on.

“Phone thieves don’t just want the handset—they want access to bank accounts and personal information,” says Will Lyne, the head of economic and cybercrime at London’s Metropolitan Police. Lyne highlights one case of four men who had been caught handling more than 5,000 stolen phones and spending money from financial accounts on the devices.

Dan Guido, the CEO and cofounder of security firm Trail of Bits and a strategic adviser to mobile security firm iVerify, says a stolen phone may only be worth $50 to $200 when it is locked. “But if you unlock it, it’s worth $500, or it’s worth $1,000.” That difference can encourage people to develop ways to try and get into devices. “This whole thing is an ecosystem, and there’s multiple people at different levels of the supply chain that all work together in order to unlock phones,” he says.

Security researchers at Infoblox started looking into the stolen-phone unlocking economy earlier this year when a law-enforcement-related contact in Asia messaged them saying their iPhone had been stolen and they had received a phishing message after including alternative contact details on the locked device. A link in the phishing page mimicked an Apple Find My page and showed a false map with the phone’s location—it then showed a pop-up asking for the phone’s PIN code.

Numerous people online, as well as the Swiss National Cybersecurity Center, have reported receiving phishing messages after losing or having their iPhones stolen, with the attackers aiming to get access to Apple iCloud accounts and remove them from phones. “To make the messages look convincing, they include accurate details of the missing device—such as its model, colour, and storage capacity—which the scammers can read directly from the phone itself,” the Swiss body wrote in November. “As there is no known way to bypass this lock, tricking the owner through social engineering is the only realistic option for criminals.”

Le Touz says the Infoblox researchers created DNS fingerprints for the phishing domain they had received and tracked other related Apple look-alike websites. Some of these exposed their administration login pages and also advertised tools to unlock phones. Ultimately, the researchers identified multiple groups on Telegram pushing the “unlocking” services.

While they sell different tools, Infoblox’s Le Touz and Elena Puga write in their research, three features are common: unlocking tools that claim to jailbreak older iPhones or Android devices and pull owner information from phones; phishing kits referred to as “Find My iPhone Off” that can be used to access accounts; and scripts and AI voice calling software to run the phishing operations.

“What you need, first of all, is physical access to the phone,” Le Touz says. If jailbreaks do not work, some of the systems can be used to launch phishing attacks and collect unlocking information. “All the tools we analyzed wipe the device by default as soon as access is attained,” the researchers write in their report.

A video obtained by the researchers shows software called iRealm generating phishing links and pages mimicking Apple services. Other posts linked to iRealm mention features such as “Find My iPhone nullified,” advertise “scripts” that mention Apple Pay, and say the software can provide a “seamless experience” for “accessing and unlocking Apple devices.”

“Hello I have a dozen blocked iPhone limited to the owner,” one person posted in the group of another unlocker, before asking if it’s possible to turn off Find My on the devices. In another group, someone said the unlocking tool they used worked on the first phone they tried but not the second one. In other Telegram groups, members post screenshots of phishing text messages saying iPhones have been turned on or connected to the internet.

While the services do not explicitly mention use for stolen devices, experts say the incorporation of phishing tools within some services indicate they are likely not meant for legitimate purposes. “There’s plenty of means to unlock your own phone through legitimate use of your Apple ID,” says Guido, of Trail of Bits, who has had a friend targeted with phishing after having their iPhone stolen in a bar. “Apple’s provided the right pathway for people that legitimately can't get into their own devices, but these things serve no purpose for someone who's legitimately trying to do that.”

After WIRED contacted Telegram about the phone unlocking channels, the company appeared to remove half a dozen groups linked to the services. “Phishing and the promotion of tools that enable it can and does happen through every method of communication from messengers to email to phone calls,” says a Telegram spokesperson. They did not directly address the removals but say the platform has “industry-leading moderation.”

Apple did not respond to WIRED’s request for comment by the time of publication. In recent years, the company has continued to improve device security making most jailbreaks obsolete and hardening newer iPhones against attacks. The company has also introduced Stolen Device Protection, making it harder for thieves to make changes on phones—although this setting may not be turned on by default.

As the London Metro Police’s Lyne advises: “Simple steps such as activating built‑in anti‑theft features, keeping software updated and using strong passwords, plus being aware of your surroundings when using phones in public can significantly reduce the harm caused if a phone is stolen.”