How to: Ac­cess an iPhone locked in Lost Mode

Glenn Fleish­man ex­plains how to open your hand­set

iPad&iPhone user - - HOW TO -

AmacOS pseudo-ran­somware at­tack from Septem­ber 2017 that could also be used to ir­ri­tate iOS users may con­tinue to plague Ap­ple users. Reader Richard says one morn­ing he found his iPhone and iPad locked in Lost Mode. He was un­able to re­gain ac­cess, and had to use Ap­ple’s re­cov­ery process to ver­ify his iden­tity. This hap­pened two weeks later to his wife’s iPhone and iPad, and then a friend of his wife’s had the same ex­pe­ri­ence.

This is al­most cer­tainly re­lated. In the pre­vi­ous at­tack, crack­ers would use data­base of pass­words stolen and cracked from the many bil­lions of leaked ac­count/pass­word com­bi­na­tions in the past few years. Some of those ac­counts were from iCloud users who used an email ad­dress for their ac­count name and reused the same pass­word on an­other site they used with iCloud.

As long as the pass­word was un­changed, an at­tacker even with two-fac­tor au­then­ti­ca­tion (2FA) en­abled could lock a Mac with a PIN only they knew. (There’s a way to un­lock your Mac with­out pay­ing the ran­som: we ex­plain how here.)

With iOS de­vices with pass­codes en­abled – which I as­sume is the case with Richard, his wife, and her friend – Lost Mode can be trig­gered, but the code to un­lock should be the same as the pass­code for the de­vice. From Richard’s de­scrip­tion, that ap­pears that it wasn’t the case, or it’s pos­si­ble that the be­hav­iour by a cracker trig­gered ex­tra ac­count pro­tec­tion on Ap­ple’s part, re­quir­ing a phone call and iden­tity ver­i­fi­ca­tion.

In any case, if you haven’t changed your iCloud pass­word in a while, do so. And turn on two-fac­tor au­then­ti­ca­tion while you’re at it.

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.