Two hackers who call themselves AquaXetine and MerrukTechnolog have released a hack that can basically bypass Apple’s rock solid iCloud activation mechanism reports Dutch publication De Telegraaf.
This simple hack name ‘doulCi’ (get it?) by the duo allows bricked iPhones to be reactivated even if the owner has used the iCloud remote lock feature, which obviously opens up all sorts of problems when it comes to iPhones remotely wiped after they have been stolen. But even those users who have legitimate iPhones that have been bricked have hope thanks to the doulCi tool.
Those who wish to use doulCi have to modify the hosts file on their PC or Mac, and then connect to iTunes. The hosts file helps direct network traffic from a PC to specific servers. When the user then runs iTunes, it will detect the device plugged in and automatically transmit an activation request, which is then rerouted to doulCi. The device is then purportedly activated without any further action on the user’s part. The hacker team claims that work is in progress to ensure that all iPhone, iPad and iPod models are supported. The exact line that needs to be added to the hosts file has not yet been published.
The hack relies on a man-in-the-middle spoofing technique to make Apple devices actually believe that they have connected to a legitimate iCloud server. The hacker duo claims they can activate thousands of devices every minute, and there is a lot of evidence on their Twitter pages regarding re-activated devices, with pictures from people from around the world of devices and screenshots showing the hack actually working.
The hack relies on a man-in-the-middle spoofing technique to make Apple devices actually believe that they have connected to a legitimate iCloud server. The hacker duo claims they can activate thousands of devices every minute, and there is a lot of evidence on their Twitter pages regarding re-activated devices, with pictures from people from around the world of devices and screenshots showing the hack actually working.
The official doulCi website has details of how the hack works and disclaimers that suggest it should only be used by the rightful owners of the device who have lost or hacked or have forgotten their login info. Their website says doulCi to be the world’s first alternative iCloud Server, and the world’s first iCloud Activation Bypass. According to the hackers, around 30,000 stolen iPhones have been unlocked using doulCi. These have been bought over the Internet from Chinese traders on eBay and other major auction sites for between $50 and $150.
What’s surprising about this hack is that AquaXetine and MerrukTechnolog reportedly contacted Apple about this vulnerability back in March, but Apple never responded, which prompted them to go public with the disclosure. The hackers say they finally decided to approach the Dutch media because Apple has not yet admitted publicly that its system has been compromised.
Of course the more alarming development thanks to this hack is that iCloud, which is used to store a lot of sensitive user data, can in fact be breached. It remains to be seen whether these may be in danger, though the doulCi hackers suggest it may be vulnerable. Their advice is not to use iCloud till Apple has solved the problem.