Hackers Create Tool To Bypass Apple’s ‘Activation Lock’ security feature

A couple of hackers have created a tool called ‘doulCi’ for bypassing Activation Lock. It users man-in-the-middle hack to intercept Apple ID credentials and unlock devices disabled by this security feature.

Specifically, the hack user a vulnerability in iTunes for Windows that verifies security certificates. And all you have to do is plug the device to a PC, alter a file, and direct it to a server rather than iCloud.

Mark Loman, a security researches, says the bug in the iTunes Windows version was a beginner’s mistake, or was left intentionally to enable intelligence agencies for accessing iCloud. Apple fixed a similar vulnerability recently in iOS and OS X.

Here is how the Team doulCi membeers Merruk Technolog and AquaXetine describe the attack:
doulCi is the worlds first Alternative iCloud Server, and the world’s first iCloud Activation Bypass. doulCi will bypass and activate you iDevice for you when you are stuck at the Apple activation menu. So, why would you use it? For example, if you have forgotten your Apple ID and password or no longer have access to your old itunes-email account then its impossible to regain control of your Apple Product!! doulCi is the solution that will enable you to can regain permenant access.
No video proof has been provided, but the hackers demonstrate its ability in screenshots ‘calls to Apple’s iCloud activation service’. Few other users are also sharing screenshots, showing the hack works.

MuscleNerd from evd3rs says: 
Looks like even after a successful attack, where the iPhone disabled with Activation Lock turns out un-bricked, the device is SIM-locked. However, one of the team members say a carrier fix is underway. And more details are coming soon according to the pair.
The two also say their goal was to alert iPhone users how unsafe iCloud has been. Apple has been reported on the issue, but until a fix comes, users are advised not to access iCloud services over public WiFi.

Stay tuned..


blog comments powered by Disqus
Octofinder Blog Catalog