BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A little-known iPhone tweak will allow thieves to permanently take over your account

    It seems that Apple specialists wanted to do the best, but it turned out as always...

    The recent surge in iPhone thefts in the US and other countries has shown that Apple devices are highly vulnerable to hackers when used in public places. At the end of February, we already wrote that a simple passcode used to unlock an apple device is the most powerful tool that criminals can use to bypass all other security measures, one has only to take possession of the victim's smartphone.

    However, the scammers have gone further and learned how to use yet another Apple security feature to their advantage. A recent Wall Street Journal report cites the example of an American named Greg Fraska, an iPhone user who has been banned from accessing his own Apple account since October last year. Thieves stole a man's iPhone 14 Pro from a Chicago bar after they spied on his lock screen passcode. A simple pin code allowed them to change the password for the man's Apple ID profile, as well as enable a little-known security feature known as the "Recovery Key", after which the account was completely taken over by the criminals. With all the confidential information that was contained there: contacts, messages, photos, etc.

    The recovery key is a security feature that the Cupertino giant introduced back in 2020 as an added layer of protection against intruders. Basically, it's a randomly generated 28-character code that can be used to prevent Apple ID password resets. However, few people use this option, because once an iPhone user loses the aforementioned code, the next time they change their password, there is a risk that Apple will block the user's profile on all their devices. But even without a configured recovery key, as recent cases show, only the lock screen password is enough to hack an account.

    It is clear that these are extremely rare cases when the Face ID or Touch ID of a potential victim did not work, and she entered her access code right in front of the attacker. However, this is quite possible. To avoid a similar situation, you should not use the access code in front of other people at all. Or, alternatively, use a very long unique code to make it harder for an attacker to peep and remember it.

    Another way is to still set up the recovery key in advance, but write it down on physical media, even on a piece of paper, and put it away where no one will have access to this sheet. The main thing is not to forget later where the recovery key is written.

    Another, more secure way is to use the Screen Time feature, which is usually used for parental controls. To do this, go to "Settings" -> "Screen Time" -> "Use a passcode" and then set up a key that is different from the one that is already used as the lock screen password. Then go to the "Privacy and Content Restrictions" section on the same settings page and activate the item using the toggle at the top. Finally, scroll down the list to "Allow changes" and select "Do not allow". So, when changing the password from Apple ID, the attacker will have to enter the passcode from Screen Time.

    And the last option, which will help wrest the account from the clutches of scammers, includes pre-configuring a trusted account, through which it will be possible to change the password from the account. This is done in "Settings" -> Profile name -> "Password and security" -> "Account recovery". There you can add a trusted person who, in which case, will be able to reset the password and return the account to the rightful owner.

    From the looks of it, the tech industry has yet to find the best way to balance convenience and security to protect user accounts without compromising privacy. Until then, we will have to be content with the protection measures that we have.

    Author DeepWeb
    Action1 RMM platform used to establish persistence and deploy ransomware
    New LockBit ransomware targets macOS

    Comments 0

    Add comment