Biggest Non-Governmental Hack … Apple’s iCloud Breached by Dutch-Moroccan Hackers

iPhone theft accounts to half the crimes in cities like New York and San Francisco, pushing law makers in to imposing legislations that require smartphones to have a kill-switch. The proposed kill-switch technology under the Smartphone Theft Prevention Act allows smartphone owners to turn stolen devices into unreadable and unusable devices. Apple already has Activation Lock, a fail-safe introduced in 2007 to keep stolen devices unreadable.

Image: Hacker Team doulCi

Image: Hacker Team doulCi

A group of hackers have reportedly managed to go around Apple’s iCloud activation lock enabling users to restore iDevices without authentication, exploiting Apple’s security. The attack allows them to intercept Apple ID credentials of users as well as to unlock iOS devices which are practically unusable by activation lock. Known as “Team DoulCi”, member’s @AquaXetine and @MerrukTechnolog created a tool called doulCi (iCloud backwards) which they describe as follows:

doulCi is the world’s first Alternative iCloud Server, and the world’s first iCloud Activation Bypass. doulCi will bypass and activate you iDevice for you when you are stuck at the Apple activation menu. So, why would you use it? For example, if you have forgotten your Apple ID and password or no longer have access to your old itunes-email account then it’s impossible to regain control of your Apple Product!! doulCi is the solution that will enable you to can regain permanent access.

The tool doulCi remains available for thieves to unlock stolen iDevices.

According to security researcher Mark Loman of SurfRight, the attack was possible since the Windows version of iTunes does not verify security certificates properly. Team DoulCi demonstrated the attacks effectiveness by posting screenshots of Apple’s iCloud activation service.

The two hackers posted several screenshots of their success:

The two hackers posted several screenshots of their success.

In a statement given to CultofMac, @AquaXetine had warned Apple of the vunerability in March but the Cupertino-based company did not reply. AquaXetine received an email from Apple today to contact them as quickly as possible. However, the hacker took to Twitter to announce that he deleted the mail posting “There are so too late”.

 

The two hackers spent five months to bypass Apple’s iCloud. They said their motive isn’t to make money, but to make users aware that iPhone and iCloud online storage is not safe.

Thousands of Twitter users from around the world were able to bypass using the tool doulCi. Most of the tweets thanking the two Dutch hackers were from outside the U.S., where stolen iPhones are shipped and sold at premium prices in black market.

Very recently, Apple had patched similar risks in OS X and iOS, leaving Windows vulnerable. Loman believes it may have been left vunerable on purpose to allow intelligence agencies access to iCloud servers.

Until Apple fixes the issue, users are advised to not use iCloud services over public Wi-Fi networks. Remarkably, a well known hacker, iH8sn0w in the iPhone community had also discovered an iCloud activation bypass a while ago. One possible insinuation that comes out from the incident is that their servers will soon be tracked with the Interpol knocking at their doors.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.
  1. Network Rail Plans to Open NDC at Former Peugeot Site | Industry Leaders Magazine says:

    […] ft national distribution centre, NDC, at Prologis’ Ryton site, which was the site of the former Peugeot plant. The £25 million national distribution centre, which will be located near Coventry in the […]

Leave a Reply

Your email address will not be published.

Recent Posts

Juul Products Banned – Will The FDA Win The Battle?

Juul Products Banned – Will The FDA Win The Battle?

In a written statement, FDA Commissioner Robert M. Califf stated, “Today’s action is further progress on the FDA’s commitment to ensuring that all e-cigarette and electronic
5 hours ago
The Mark Cuban Cost Plus Drug Company Takes on Big Pharmas

The Mark Cuban Cost Plus Drug Company Takes on Big Pharmas

Commonly used generic drugs are available at a 15% markup, plus a $3 dispensing fee and $5 shipping fee. In an interview with PBS News, Cuban told the host that the Mark Cuban phar
6 hours ago
The Brookfield Global Transition Fund Promises Net Zero Returns

The Brookfield Global Transition Fund Promises Net Zero Returns

According to a written statement issued by the company, they have already deployed $2.5 billion to fund decarbonization technologies in the US, the UK, Germany, and North America.
12 hours ago
Network Configuration Error Causes Cloudflare Outage Across 19 Locations

Network Configuration Error Causes Cloudflare Outage Across 19 Locations

The Cloudflare outage was most problematic for users of Cloudflare’s DNS lookup service. “Customers attempting to reach Cloudflare sites in impacted regions will observe 50
1 day ago
Tesla Employee Lawsuit Alleges Violation of Federal Law Amidst Layoffs

Tesla Employee Lawsuit Alleges Violation of Federal Law Amidst Layoffs

Tesla laying off employees has impacted workers across divisions from human resources to engineering. The plaintiffs are seeking 60 days of compensation and benefits for all those
2 days ago
Nasdaq’s Opening Bell Ushers in a Metaverse Moment for Women

Nasdaq’s Opening Bell Ushers in a Metaverse Moment for Women

Back in 2020, she wrote a feature for Forbes, where she confidently penned that a new era will herald all good things metaverse, she asserted that it “will unleash amazing creati
2 days ago