惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

I
InfoQ
Spread Privacy
Spread Privacy
GbyAI
GbyAI
F
Fortinet All Blogs
小众软件
小众软件
B
Blog RSS Feed
博客园_首页
量子位
Y
Y Combinator Blog
美团技术团队
H
Hackread – Cybersecurity News, Data Breaches, AI and More
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google DeepMind News
Google DeepMind News
大猫的无限游戏
大猫的无限游戏
Jina AI
Jina AI
T
The Blog of Author Tim Ferriss
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Vercel News
Vercel News
Last Week in AI
Last Week in AI
F
Full Disclosure
Stack Overflow Blog
Stack Overflow Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
宝玉的分享
宝玉的分享
Microsoft Azure Blog
Microsoft Azure Blog
有赞技术团队
有赞技术团队
A
About on SuperTechFans
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
The Cloudflare Blog
Hugging Face - Blog
Hugging Face - Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
T
Tenable Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Project Zero
Project Zero
C
CXSECURITY Database RSS Feed - CXSecurity.com
Engineering at Meta
Engineering at Meta
博客园 - 叶小钗
S
SegmentFault 最新的问题
T
Threat Research - Cisco Blogs
博客园 - 司徒正美
MyScale Blog
MyScale Blog
云风的 BLOG
云风的 BLOG
V
V2EX
酷 壳 – CoolShell
酷 壳 – CoolShell
The GitHub Blog
The GitHub Blog
V
Vulnerabilities – Threatpost
S
Schneier on Security
Latest news
Latest news
I
Intezer
A
Arctic Wolf
T
Threatpost

Security Latest

British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos World Cup Scams Are Getting Harder to Spot A Critical Deadline Is Approaching for Windows and Linux Security Hackers Claim to Leak Stolen Madison Square Garden Data How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society ‘Dangerous’ AI Models Are Coming No Matter What Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses The FCC Wants to Kill Burner Phones Grok Is Still Hosting Sexualized Deepfakes of Famous Women Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition Tools in the US Soccer Fans, You’re Being Watched Mapping Every Flock License Plate Reader Near US World Cup Stadiums Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report All the Ways Europe Is Ditching American Technology Crypto-Funded Chinese Peptide Labs Are Booming Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests The Romance Scammer Who Made a Small Fortune Posing as a WWE Superstar Websites Can Now Spy on You Through Your Hard Drive Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks Internet Starts to Return in Iran After 3-Month Blackout US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows The AI Era Is Creating a Bug-Hunting Arms Race The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers ‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale The EU Is Going Through a Trump-Fueled Breakup With Big Tech A Bipartisan Amendment Would End Police License Plate Tracking Nationwide Madison Square Garden Bans Lawyer Representing New York Cop Injured at a Boxing Match Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds You Can Get Some of Your Nudes Removed From the Internet Under a New Law An ICE Firearms Trainer Was Involved in At Least 4 Deadly Shootings Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording DHS Plans Experiment Running ‘Reconnaissance’ Drones Along the US-Canada Border WhatsApp Adds Meta AI Chats That Are Built to Be Fully Private Foxconn Ransomware Attack Shows Nothing Is Safe Forever Iran Is Using Tiny ‘Mosquito’ Boats to Shut Down the Strait of Hormuz Hackable Robot Lawn Mower Unlocks a New Nightmare You Can Disable Gemini in Chrome if It’s Freaking You Out Cybercriminals Are Complaining About AI Slop Flooding Their Forums DHS Demanded Google Surrender Data on Canadian’s Activity, Location Over Anti-ICE Posts Disneyland Now Uses Face Recognition on Visitors OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards California Engineer Identified in Suspected Shooting at White House Correspondents Dinner Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet AI Tools Are Helping Mediocre North Korean Hackers Steal Millions Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox Meta Is Sued Over Scam Ads on Facebook and Instagram They Built a Legendary Privacy Tool. Now They’re Sworn Enemies The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad It Takes 2 Minutes to Hack the EU’s New Age-Verification App Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance The Shocking Secrets of Madison Square Garden’s Surveillance Machine Europe’s Online Age Verification App Is Here The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market The FCC Has a Fast Lane for Complaints About Trump’s Media Critics Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators The Dumbest Hack of the Year Exposed a Very Real Problem Your Push Notifications Aren’t Safe From the FBI How the Internet Broke Everyone’s Bullshit Detectors Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think Politicians Are Spending More Money on Security as They Increasingly Become Targets ‘We Were Not Ready for This’: Lebanon's Emergency System Is Hanging by a Thread Men Are Buying Hacking Tools to Use Against Their Wives and Friends Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything Border Patrol Agents Sold Challenge Coins With ‘Charlotte’s Web’ Characters in Riot Gear Hackers Are Posting the Claude Code Leak With Bonus Malware Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards ‘Uncanny Valley’: Iran’s Threats on US Tech, Trump’s Plans for Midterms, and Polymarket’s Pop-up Flop What Happens When a Nuclear Site Is Hit? Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool Iran Threatens to Start Attacking Major US Tech Firms on April 1 The US Military’s GPS Software Is an $8 Billion Mess The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work
Your iPhone Gets Stolen. Then the Hacking Begins
Matt Burgess · 2026-05-14 · via Security Latest

Every year, millions of phones are stolen. While thousands of iPhones are shipped to China and broken down for parts, criminals can make more money selling a device that has been unlocked and wiped. Now researchers have unpicked part of the underground web of cybercrime services that can help provide access to stolen iPhones.

Across the web and on Telegram, there’s a “thriving” ecosystem of software sellers helping power the market for stolen iPhones by providing “unlocking” tools and the technology to produce phishing messages to help get access to a phone, according to findings from researchers at cybersecurity firm Infoblox. The company says it has tracked “dozens” of groups selling unlocking tools, mostly with a focus on iPhones, and has linked more than 10,000 phishing websites to the activity. Traffic to these domains increased 350 percent last year, the researchers say.

“Reselling is a hundred percent what they’re going for,” says Maël Le Touz, a staff threat researcher at Infoblox, who says people from all around the world appear to be buying access to the pay-per-use software. The average cost is below $10. “Most of the people looking to unlock phones clearly don’t have thousands of phones in their hands—they’re not at that scale,” Le Touz says.

Over the last few years, the number of phones being stolen has risen—for example, with around 80,000 devices being taken in London in one year. While Apple and Google have improved their protections for stolen devices, a variety of more- and less-sophisticated thieves can still make money from stolen handsets: If a phone is unlocked or a thief has its passcode, they can potentially steal money from online bank accounts or crypto wallets; those snatching phones on the streets or in bars can make hundreds of dollars selling them on.

“Phone thieves don’t just want the handset—they want access to bank accounts and personal information,” says Will Lyne, the head of economic and cybercrime at London’s Metropolitan Police. Lyne highlights one case of four men who had been caught handling more than 5,000 stolen phones and spending money from financial accounts on the devices.

Dan Guido, the CEO and cofounder of security firm Trail of Bits and a strategic adviser to mobile security firm iVerify, says a stolen phone may only be worth $50 to $200 when it is locked. “But if you unlock it, it’s worth $500, or it’s worth $1,000.” That difference can encourage people to develop ways to try and get into devices. “This whole thing is an ecosystem, and there’s multiple people at different levels of the supply chain that all work together in order to unlock phones,” he says.

Security researchers at Infoblox started looking into the stolen-phone unlocking economy earlier this year when a law-enforcement-related contact in Asia messaged them saying their iPhone had been stolen and they had received a phishing message after including alternative contact details on the locked device. A link in the phishing page mimicked an Apple Find My page and showed a false map with the phone’s location—it then showed a pop-up asking for the phone’s PIN code.

Numerous people online, as well as the Swiss National Cybersecurity Center, have reported receiving phishing messages after losing or having their iPhones stolen, with the attackers aiming to get access to Apple iCloud accounts and remove them from phones. “To make the messages look convincing, they include accurate details of the missing device—such as its model, colour, and storage capacity—which the scammers can read directly from the phone itself,” the Swiss body wrote in November. “As there is no known way to bypass this lock, tricking the owner through social engineering is the only realistic option for criminals.”

Le Touz says the Infoblox researchers created DNS fingerprints for the phishing domain they had received and tracked other related Apple look-alike websites. Some of these exposed their administration login pages and also advertised tools to unlock phones. Ultimately, the researchers identified multiple groups on Telegram pushing the “unlocking” services.

While they sell different tools, Infoblox’s Le Touz and Elena Puga write in their research, three features are common: unlocking tools that claim to jailbreak older iPhones or Android devices and pull owner information from phones; phishing kits referred to as “Find My iPhone Off” that can be used to access accounts; and scripts and AI voice calling software to run the phishing operations.

“What you need, first of all, is physical access to the phone,” Le Touz says. If jailbreaks do not work, some of the systems can be used to launch phishing attacks and collect unlocking information. “All the tools we analyzed wipe the device by default as soon as access is attained,” the researchers write in their report.

A video obtained by the researchers shows software called iRealm generating phishing links and pages mimicking Apple services. Other posts linked to iRealm mention features such as “Find My iPhone nullified,” advertise “scripts” that mention Apple Pay, and say the software can provide a “seamless experience” for “accessing and unlocking Apple devices.”

“Hello I have a dozen blocked iPhone limited to the owner,” one person posted in the group of another unlocker, before asking if it’s possible to turn off Find My on the devices. In another group, someone said the unlocking tool they used worked on the first phone they tried but not the second one. In other Telegram groups, members post screenshots of phishing text messages saying iPhones have been turned on or connected to the internet.

While the services do not explicitly mention use for stolen devices, experts say the incorporation of phishing tools within some services indicate they are likely not meant for legitimate purposes. “There’s plenty of means to unlock your own phone through legitimate use of your Apple ID,” says Guido, of Trail of Bits, who has had a friend targeted with phishing after having their iPhone stolen in a bar. “Apple’s provided the right pathway for people that legitimately can't get into their own devices, but these things serve no purpose for someone who's legitimately trying to do that.”

After WIRED contacted Telegram about the phone unlocking channels, the company appeared to remove half a dozen groups linked to the services. “Phishing and the promotion of tools that enable it can and does happen through every method of communication from messengers to email to phone calls,” says a Telegram spokesperson. They did not directly address the removals but say the platform has “industry-leading moderation.”

Apple did not respond to WIRED’s request for comment by the time of publication. In recent years, the company has continued to improve device security making most jailbreaks obsolete and hardening newer iPhones against attacks. The company has also introduced Stolen Device Protection, making it harder for thieves to make changes on phones—although this setting may not be turned on by default.

As the London Metro Police’s Lyne advises: “Simple steps such as activating built‑in anti‑theft features, keeping software updated and using strong passwords, plus being aware of your surroundings when using phones in public can significantly reduce the harm caused if a phone is stolen.”