BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A little-known iPhone tweak will allow thieves to permanently take over your account

    It seems that Apple specialists wanted to do the best, but it turned out as always...

    The recent surge in iPhone thefts in the US and other countries has shown that Apple devices are highly vulnerable to hackers when used in public places. At the end of February, we already wrote that a simple passcode used to unlock an apple device is the most powerful tool that criminals can use to bypass all other security measures, one has only to take possession of the victim's smartphone.

    However, the scammers have gone further and learned how to use yet another Apple security feature to their advantage. A recent Wall Street Journal report cites the example of an American named Greg Fraska, an iPhone user who has been banned from accessing his own Apple account since October last year. Thieves stole a man's iPhone 14 Pro from a Chicago bar after they spied on his lock screen passcode. A simple pin code allowed them to change the password for the man's Apple ID profile, as well as enable a little-known security feature known as the "Recovery Key", after which the account was completely taken over by the criminals. With all the confidential information that was contained there: contacts, messages, photos, etc.

    The recovery key is a security feature that the Cupertino giant introduced back in 2020 as an added layer of protection against intruders. Basically, it's a randomly generated 28-character code that can be used to prevent Apple ID password resets. However, few people use this option, because once an iPhone user loses the aforementioned code, the next time they change their password, there is a risk that Apple will block the user's profile on all their devices. But even without a configured recovery key, as recent cases show, only the lock screen password is enough to hack an account.

    It is clear that these are extremely rare cases when the Face ID or Touch ID of a potential victim did not work, and she entered her access code right in front of the attacker. However, this is quite possible. To avoid a similar situation, you should not use the access code in front of other people at all. Or, alternatively, use a very long unique code to make it harder for an attacker to peep and remember it.

    Another way is to still set up the recovery key in advance, but write it down on physical media, even on a piece of paper, and put it away where no one will have access to this sheet. The main thing is not to forget later where the recovery key is written.

    Another, more secure way is to use the Screen Time feature, which is usually used for parental controls. To do this, go to "Settings" -> "Screen Time" -> "Use a passcode" and then set up a key that is different from the one that is already used as the lock screen password. Then go to the "Privacy and Content Restrictions" section on the same settings page and activate the item using the toggle at the top. Finally, scroll down the list to "Allow changes" and select "Do not allow". So, when changing the password from Apple ID, the attacker will have to enter the passcode from Screen Time.

    And the last option, which will help wrest the account from the clutches of scammers, includes pre-configuring a trusted account, through which it will be possible to change the password from the account. This is done in "Settings" -> Profile name -> "Password and security" -> "Account recovery". There you can add a trusted person who, in which case, will be able to reset the password and return the account to the rightful owner.

    From the looks of it, the tech industry has yet to find the best way to balance convenience and security to protect user accounts without compromising privacy. Until then, we will have to be content with the protection measures that we have.

    Author DeepWeb
    Action1 RMM platform used to establish persistence and deploy ransomware
    New LockBit ransomware targets macOS

    Comments 0

    Add comment