A Trend Micro researcher may have stumbled across a new alliance in place between petty criminals and their more sophisticated cyber cousins that could prove mutually beneficial.
Trend Micro senior threat researcher Fernando Mercês related a story of how a Brazilian friend's physically stolen Apple iPhone was then used to alter the victim's Facebook page and used to send the person a phishing email attempting to entice the owner to click a link that would allow the criminals to steal his Apple ID credentials. The art of swiping an iPhone is far from simple. It has to be snatched just after the user inputs the screen lock code and kept open until it's permanently unlocked.
“Apart from perpetrating identity theft, getting their hands on Apple credentials allows them to disable the Activation Lock feature in iOS devices which would enable them to wipe the phone (as part of an attack, or for them to reuse the device),” Merces wrote.
This is a major change in operating procedure as most iPhone thieves simply want to resell the device. Now these people may be mining the device for the info and then even selling the Apple ID credentials on the dark web.