Feed: Slashdot
Feed Link: https://slashdot.org/
---

Title: Thieves Busted After Stealing a Cellphone from a Security Expert's
Wife

Link: https://it.slashdot.org/story/25/09/14/035723...

They stole a woman's phone in Barcelona. Unfortunately, her husband was
security consultant/penetration tester Martin Vigo, reports Spain's newspaper
El Pais. "His weeks-long investigation coincided with a massive two-year
police operation between 2022 and 2024 in six countries where 17 people were
arrested: Spain, Argentina, Colombia, Chile, Ecuador, and Peru...." In Vigo's
case, the phone was locked and the "Find my iPhone" feature was activated...
Once stolen, the phones are likely wrapped in aluminum foil to prevent the
GPS from tracking their movements. "Then they go to a safe house where they
are gathered together and shipped on pallets outside of Spain, to Morocco or
China." This international step is vital to prevent the phone from being
blocked if the thieves try to use it again. Carriers in several European
countries share lists of the IMEIs (unique numbers for each device) of stolen
devices so they can't be used. But Morocco, for example, doesn't share these
lists. There, the phone can be reconnected... With hundreds or thousands of
stored phones, another path begins: "They try to get the PIN," says Vigo. Why
the PIN? Because with the PIN, you can change the Apple password and access
the device's content. The gang had created a system to send thousands of text
messages like the one Vigo received. To know who to target with the bait
message, the police say, "the organization performed social profiling of the
victims, since, in many cases, in addition to the phone, they also had the
victim's personal belongings, such as their ID." This is how they obtained
the phone numbers to send the malicious SMS... Each victim received a unique
link, and the server knew which victim clicked it... With the first click,
the attackers would redirect the user to a website they believed was
credible, such as Apple's real iCloud site... [T]he next day you receive
another text message, and you click on it, more confidently. However, that
link no longer redirects you to the real Apple website, but to a flawless
copy created by the criminals: that's where they ask for your PIN, and
without thinking, full of hope, you enter it... "The PIN is more powerful
than your fingerprint or face. With it, you can delete the victim's biometric
information and add your own to access banking apps that are validated this
way," says Vigo. Apple Wallet asks you to re-authenticate, and then
everything is accessible... In the press release on the case, the police
explained that the gang allegedly used a total of 5,300 fake websites and
illegally unlocked around 1.3 million high-end devices, about 30,000 of them
in Spain. Vigo tells El Pais that if the PIN doesn't unlock the device, the
criminal gang then sends it to China to be "dismantled and then sent back to
Europe for resale. The devices are increasingly valuable because they have
more advanced chips, better cameras, and more expensive materials." To render
the phone untraceable in China, "they change certain components and the IMEI.
It requires a certain level of sophistication: opening the phone, changing
the chip..."

Read more of this story at Slashdot.

---
VRSS v2.1.180528