2 min read

iCloud account scams can brick your Apple devices

Russia’s Interior Ministry says scammers are abusing Apple’s own Activation Lock by stealing iCloud credentials, potentially locking iPhone, iPad, and Mac devices at once.

Image: ITzine

Scammers have found a way to turn iPhone, iPad, and Mac devices into near-dead weight without hacking them in the usual sense. According to Russia’s Interior Ministry, the scheme relies on Apple’s built-in protections: once criminals gain access to a victim’s iCloud account, they can use the company’s own tools against the device owner.

The attack typically starts with a call or message. Victims are persuaded to reveal their login, password, or verification code, which is enough for attackers to sign in. From there, they open Find My iPhone, switch the device into lost mode, and trigger Activation Lock. That leaves the hardware tied to another Apple ID and makes it extremely difficult for the rightful owner to use.

Apple introduced the feature to deter device theft, and under normal circumstances it does exactly that. The problem, the ministry says, is that the same mechanism can be turned on the owner if someone gets into the account first.

Recommended reading

12M stolen streaming accounts hit dark web during World Cup

The damage can be worse when several devices are linked to a single Apple ID. In that case, the lock can hit a phone, tablet, and computer all at once.

The report stresses that this does not require breaking into the system, bypassing encryption, or exploiting a rare bug. The core of the scam is much simpler: trick the user into handing over credentials or entering them on a fake login page. The ministry also notes that the same pattern exists beyond Apple devices — attackers first seize the cloud account, then the hardware follows.

Sophia Reynolds

Security Editor

Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.

via ITzine

// Keep reading