A team of Dutch-Moroccan hackers calling themselves “Team DoulCi” claimed to have hacked a security feature on Apple’s iCloud system. The hack allows attackers to remove security measures on any “protected” iPhone device.
Dutch news organization De Telegraaf reported that the alleged hackers purchased locked iPhone devices for $50 to $150 and bypassed the iCloud security measures. The attackers bypassed Apple’s iCloud activation with a serious set of vulnerabilities that Apple has failed to patch in its most recent updates.
The vulnerability in Apple’s iCloud allowed hackers to unlock stolen iPhones and sell them for a large profit. This is the first time any attacker has managed to compromise Apple’s iCloud service.
Apple’s iCloud is a cloud storage service provided by Apple Inc. Since October 2011, Apple’s iCloud has attracted more than 320 million active users across the globe. The service allows users to sync, store, or back up data such as music, photos, applications, documents, bookmarks, reminders, backups, notes, iBooks, and contacts, and provides an Apple email service along with a calendar. This data can be synced across all Apple devices under the same iCloud account, which makes syncing simple.
The Dutch hacker, named AquaXetine, and the Moroccan hacker, named Merruktechnolog, claim to have unlocked more than 30,000 stolen iPhones in the past few days.
To bypass the lock on the iPhones, the hackers use a man-in-the-middle attack: they trick iPhone apps into connecting to the attackers’ server, which appears to be an actual Apple server and then activates the Apple device.
Cyber security experts believe that attackers could do far more damage with this vulnerability. Some believe it would be possible for hackers to instruct the device to read iMessage conversations and to extract information such as Apple ID credentials (email and password).
It is reported that it took the hackers over five months to breach Apple’s iCloud system, and a Twitter account believed to belong to the Dutch-Moroccan hackers claimed that the group has “processed” more than 5,700 Apple devices in just five minutes using their attack methods.
Initially, the hackers acted with good intentions, reporting this critical vulnerability to Apple back in March, but Apple never responded to the matter. The hackers then decided to go public with the disclosure. They admit they finally decided to contact Dutch media because Apple did not publicly admit its system had been compromised.
The hackers were offering their unlock services at the website doulCi.nl, but the service appears to be offline as of May 23. doulCi.nl was the world’s first alternative iCloud server and the first iCloud activation bypass service.