iOS vulnerability allows to disable 'Find My iPhone' without password
Smartphone manufacturers are adding ways for owners to track and manage their phones if they ever get lost or stolen. Find My iPhone is a service that comes with every iOS device that allows you to track your iPhone, whether it was lost or stolen.
Normally, the iPhone requires a password if you want to deactivate “Find My iPhone”, but it isn’t entirely perfect and thieves are now smart enough to disable 'Find My iPhone' on devices running iOS 7.0.4 and lower version, without having to enter a password.
The exploit was discovered and demonstrated security researcher 'Bradley Williams' and performing a successful bypass means you won’t be able to locate, make sound and wipe out.
The vulnerability could put the devices at risk, and the exploitation method involves a few simple steps that involve making changes in the iCloud settings, even if they don’t know the password.
Steps to hack 'Find My iPhone':
- Navigate to iCloud in the settings.
- Select your account.
- Change the password to an incorrect one, then taps Done.
- When display 'wrong password' warning, Tap OK and then tap Cancel.
- Reselect your account.
- Empty the description field and then press Done.
Users are recommended to activate Apple’s device Lock system, which blocks a thief from erasing and re-activating a stolen phone unless they enter your Apple ID and password.