Biggest Non-Governmental Hack … Apple’s iCloud Breached by Dutch-Moroccan Hackers

iPhone theft accounts to half the crimes in cities like New York and San Francisco, pushing law makers in to imposing legislations that require smartphones to have a kill-switch. The proposed kill-switch technology under the Smartphone Theft Prevention Act allows smartphone owners to turn stolen devices into unreadable and unusable devices. Apple already has Activation Lock, a fail-safe introduced in 2007 to keep stolen devices unreadable.

Image: Hacker Team doulCi

Image: Hacker Team doulCi

A group of hackers have reportedly managed to go around Apple’s iCloud activation lock enabling users to restore iDevices without authentication, exploiting Apple’s security. The attack allows them to intercept Apple ID credentials of users as well as to unlock iOS devices which are practically unusable by activation lock. Known as “Team DoulCi”, member’s @AquaXetine and @MerrukTechnolog created a tool called doulCi (iCloud backwards) which they describe as follows:

doulCi is the world’s first Alternative iCloud Server, and the world’s first iCloud Activation Bypass. doulCi will bypass and activate you iDevice for you when you are stuck at the Apple activation menu. So, why would you use it? For example, if you have forgotten your Apple ID and password or no longer have access to your old itunes-email account then it’s impossible to regain control of your Apple Product!! doulCi is the solution that will enable you to can regain permanent access.

The tool doulCi remains available for thieves to unlock stolen iDevices.

According to security researcher Mark Loman of SurfRight, the attack was possible since the Windows version of iTunes does not verify security certificates properly. Team DoulCi demonstrated the attacks effectiveness by posting screenshots of Apple’s iCloud activation service.

The two hackers posted several screenshots of their success:

The two hackers posted several screenshots of their success.

In a statement given to CultofMac, @AquaXetine had warned Apple of the vunerability in March but the Cupertino-based company did not reply. AquaXetine received an email from Apple today to contact them as quickly as possible. However, the hacker took to Twitter to announce that he deleted the mail posting “There are so too late”.

 

The two hackers spent five months to bypass Apple’s iCloud. They said their motive isn’t to make money, but to make users aware that iPhone and iCloud online storage is not safe.

Thousands of Twitter users from around the world were able to bypass using the tool doulCi. Most of the tweets thanking the two Dutch hackers were from outside the U.S., where stolen iPhones are shipped and sold at premium prices in black market.

Very recently, Apple had patched similar risks in OS X and iOS, leaving Windows vulnerable. Loman believes it may have been left vunerable on purpose to allow intelligence agencies access to iCloud servers.

Until Apple fixes the issue, users are advised to not use iCloud services over public Wi-Fi networks. Remarkably, a well known hacker, iH8sn0w in the iPhone community had also discovered an iCloud activation bypass a while ago. One possible insinuation that comes out from the incident is that their servers will soon be tracked with the Interpol knocking at their doors.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author possessing wide-range of knowledge for Business News. She is an avid reader and writer of Business and CEO Magazines and a rigorous follower of Business Leaders.

Recent Posts

Evergrande: A black swan event that could spook markets

Evergrande: A black swan event that could spook markets

EverGrande is now known as the “world’s most indebted property developer” and serves as a symbol of corporate excess.
19 hours ago
Moderna vaccine more effective than Pfizer, study says

Moderna vaccine more effective than Pfizer, study says

Moderna’s Covid-19 vaccine does a slightly better job of preventing coronavirus-related hospitalizations and emergency department visits.
3 days ago
iPhone 13 and iPhone 13 Pro: Specifications, Release Date, Features and much more

iPhone 13 and iPhone 13 Pro: Specifications, Release Date, Features and much more

Apple iPhone 13 Pro and iPhone 13 Pro Max can be a hit with its ever new technology A15 Bionic chip and other cool profound features.
4 days ago
Total signs $27 billion energy deal to fund 1-gigawatt solar power plant

Total signs $27 billion energy deal to fund 1-gigawatt solar power plant

The French oil major, Total, has signed a $27 billion deal to fund a 1-gigawatt solar power plant, and boost oil and gas production in the Middle-East region.
4 days ago
PMI seals $1.51 billion takeover of British inhalation specialist Vectura

PMI seals $1.51 billion takeover of British inhalation specialist Vectura

Philip Morris International (PMI) acquires a 22.6% stake in British inhalation specialist Vecutra closing in on the controversial $1.51 billion takeover.
5 days ago
Apple co-founder Steve Wozniak joins the space race

Apple co-founder Steve Wozniak joins the space race

Wozniak, popularly known as “Woz”, is setting up a private space company with Ripcord co-founder Alex Fielding. In a tweet, Wozniak shared a promotional video for the company c
6 days ago