Article 6QW36 Ever wonder how crooks get the credentials to unlock stolen phones?

Ever wonder how crooks get the credentials to unlock stolen phones?

by
Dan Goodin
from Ars Technica - All content on (#6QW36)
phone-theft-800x523.jpg

Enlarge (credit: Getty Images)

A coalition of law-enforcement agencies said it shut down a service that facilitated the unlocking of more than 1.2 million stolen or lost mobile phones so they could be used by someone other than their rightful owner.

The service was part of iServer, a phishing-as-a-service platform that has been operating since 2018. The Argentina-based iServer sold access to a platform that offered a host of phishing-related services through email, texts, and voice calls. One of the specialized services offered was designed to help people in possession of large numbers of stolen or lost mobile devices to obtain the credentials needed to bypass protections such as the lost mode for iPhones, which prevent a lost or stolen device from being used without entering its passcode.

iserver-model-640x289.png

iServer's phishing-as-a-service model. (credit: Group-IB)

Catering to low-skilled thieves

An international operation coordinated by Europol's European Cybercrime Center said it arrested the Argentinian national that was behind iServer and identified more than 2,000 unlockers" who had enrolled in the phishing platform over the years. Investigators ultimately found that the criminal network had been used to unlock more than 1.2 million mobile phones. Officials said they also identified 483,000 phone owners who had received messages phishing for credentials for their lost or stolen devices.

Read 7 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments