Your phone is not just a device, but a door to your entire life. Now think about someone who stole that door, who plundered your secrets and your bank accounts and turned your world upside down. This is the story of Aaron Johnsona criminal who stole more than a million euros by stealing iPhones and accessing their accounts.
Johnson, who is currently in prison for his crimes, shared details about how he stole iPhones and what he did next in an interview with WSJ. The result is a chilling chronicle of how knowledge of the passcode can become the master key to people’s digital lives.
“The access code can sometimes be God or the devil”Johnson said in the interview. Their story begins with the theft of hundreds of iPhones, which meant not only the disappearance of the devices but also the financial and emotional damage to their owners.
Johnson’s approach was as simple as it was disturbing. He approached people in bars, especially young people, who had been drinking, had conversations with them, and showed them the access code at the right moment before they handed him the phone, for example to enter a complex username for a social network. And if he couldn’t see the code, he would lock the phone and ask the owner to enter it again.
His ability to deceive unsuspecting people with tricks and false promises, This allowed him to access bank accounts and payment services such as Paypal and make fraudulent purchases using Apple Pay. The process was quick, often faster than his victims realized.
The first thing he did as soon as he got the iPhone was change the iCloud password, turn off Find My iPhone, and enter his face into Face ID. “All you have to do is stick your face there and you have access to everything”Johnson said. As a result, victims lost full access to their iPhone.
Once he had full control of the iPhone, he used his face to access the bank accounts to empty them. If you need a password, have accessed the Notes app, where many users store their passwords unprotected.
After all bank accounts were raided, Johnson visited stores to make purchases using Apple Pay.
iOS 17.3 will partially prevent these thefts
iOS 17.3 will introduce steps that will make it much more difficult for thieves to gain control of iPhones and lock them so their owners cannot access them.
Once activated, this feature includes a number of authentication measures. First, The iPhone can detect if it is far from the places the user usually goes.
If a thief tries to change your Apple ID password, your phone will need to be verified with Face ID or Touch ID. Additionally, changes to your Apple ID password don’t happen immediately; instead, the phone waits an hour before requesting identity verification.
When Anti-Theft is enabled, users cannot update trusted phone numbers or add recovery keys without waiting an hour and verifying their identity. Even iCloud Keychain requires Face or Touch ID before providing saved passwords. All of this makes it extremely difficult for a thief to wipe the stolen phone or disable Apple’s Find My iPhone services.