Criminals in Brazil are stealing people’s iPhones to access bank accounts, not resell the devices

Status
Not open for further replies.

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
In São Paulo, the largest city in Brazil, criminals are stealing people’s iPhones, and after a few hours, they manage to access users’ bank accounts and then steal from their accounts.

As reported by the Brazilian newspaper Folha de S.Paulo, this kind of theft has been happening since the beginning of the pandemic and has only gotten worse. In the story, people with an iPhone 11 and iPhone XR had not only their iPhone unlocked, but also their bank account hacked.

Before the pandemic, it was common to see bicycle thieves stealing phones from inattentive people on the street, but they used to resell the phones. Now, there’s a specialized gang that not only invades the iPhone but also the bank account as well.

Procon-SP, the Brazilian consumer protection regulator based in São Paulo state, is planning to take action against companies such as Apple, other smartphone makers, and banks.

“Procon already acknowledged about a gang of cell phone receivers whose main illegal business is not the resale of cell phones, but the defrauding of passwords for bank fraud. This is being done through an army of hackers,” said executive director Fernando Capez.

The rest
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
This comes at right time after Tim Cook said iOS is most secure OS than Android Tim Cook says Android has more malware than iOS, blames side-loading
Well, he's right. 🤷‍♂️
Screenshot_20210618-180555.png
 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
According to a new report by Brazilian newspaper Folha de S.Paulo, in a meeting with mobile carriers and banks, they committed to Procon-SP to create emergency centers to block phone accounts after a smartphone is stolen.
Apart from that, Apple and Google also promised to make it easier to access their services to erase a smartphone stolen with other devices. Although less known, these services already exist and will be made more accessible.
According to Procon-SP, if the person that had their smartphone stolen is able to erase their phone in the first five minutes, the smartphone will completely lose its value to the criminal.

Even though Apple and Google committed to making it easier to erase people’s stolen smartphones, the Cupertino, California, company didn’t comment on the subject to the newspaper, so it’s unknown what measures Apple will take to make it easier for customers to quickly erase a stolen iPhone.

The rest
 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
The Brazilian newspaper Folha de S. Paulo reported last month how criminals had been stealing iPhones in Brazil to access people’s bank accounts instead of reselling the devices. Now, the police seem to have finally figured out how they gain access to bank accounts, and to our surprise, the process seems easier than you might think.

Folha de S. Paulo now reported that Police in São Paulo have arrested one of the gangs that specialize in smartphone theft, and the criminals have detailed how they crack the security of Apple devices. One of them even mentions that he can “unlock all iPhones, from 5 to 11.”

At first, it was believed that the thieves used some exploit or other advanced method (like Cellebrite’s tools) to unlock the stolen iPhones, but the whole thing is much simpler than that. Police Chief Fabiano Barbeiro revealed that criminals need only a single tool to access all the device’s data: the iPhone SIM card.

Basically, thieves take the SIM card out of the stolen iPhone and then put it into another iPhone. Using social networks like Facebook and Instagram, they can easily find out the email address used by the person who had the phone stolen. In most cases, this email address is the same as the one used for the Apple ID. All they need to do is reset the Apple ID password using the victim’s phone number.

Barbeiro says that the easiest way criminals have to find passwords is by looking in the Notes app since many users seem to store bank and credit card passwords there. However, with access to the iCloud account, they can easily get all the passwords from the iCloud Keychain as well.

The rest
 

Gandalf_The_Grey

Level 83
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,255
The rest
Following the previous report, Apple has promised the Brazilian newspaper that it will make it easier for users to delete all data from a stolen iPhone. However, the company did not give details of what exactly it will implement. With iOS 15, users will finally be able to track a powered-off iPhone using the Find My app.

And, of course, the best thing you can do to protect your accounts is not to store your passwords in the Notes app or other non-secure apps. Another good option is to only use an eSIM instead of a regular SIM, as the eSIM cannot easily be transferred to another device.
 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
After several reports of criminals unlocking people’s iPhones and managing to access users’ bank accounts in Brazil, the São Paulo state police were able to arrest one of these gangs.

According to Brazilian newspaper Folha de S.Paulo, four men were arrested yesterday and accused of integrating a specialized gang in unlocking mostly iPhones, accessing users’ bank accounts, and then stealing their money.

This is one of the most famous and sophisticated gangs operating in São Paulo city, based in the downtown region. They are able to exploit smartphone security flaws and even bypass Face ID, Touch ID, and alphanumeric passwords through specialized software.

According to Police Chief Roberto Monteiro, with pirate software bought on the deep web, the gang is able to extract people’s iPhones data.

The rest
 

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Over the past few weeks, 9to5Mac has been covering how criminals in Brazil are stealing people’s phones and using them to drain user’s savings in just a moment. Over the weekend, my iPhone 12 was stolen, but iOS 15 and many other precautions were very helpful and ensured that the situation was not as bad as it could have been.

One of the greatest features available on iOS 15 is the ability to make the iPhone findable even after being turned off or factory reset as long as Activation Lock is enabled.

Turns out, this really works in real life, as I still have access to the iPhone’s position even though I factory reset it.

Although it’s up to the police to do something, at least I can safely know exactly where the iPhone 12 is, even though I’m not going to do anything all by myself. Alongside that, it’s easier than ever to restore the backup to my old-new iPhone, an XS.

Not only does this mean I can safely bring all of my data back, but I can also easily repair the Apple Watch without losing my Cellular data.

Now, I want to share a few precautions before being stolen and what I did next:
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top