The iCloud Activation Lock page gets shut down
The iCloud Activation Lock page gets shut down. Image: TheUSBport.

MacRumors reported on Sunday that iCloud’s Activation Lock page had suddenly disappeared. The site allowed users and potential owners to check if an iPhone, iPad, or iPod Touch was locked by entering the device’s IMEI or serial number.

Since then, several outlets have confirmed the vanishing of the Activation Lock section.

Many of them reached out to Apple for comment, but the company has yet to make a statement on the page’s removal.

Later reports suggest that Apple may have taken down the tool section over safety concerns. Rather ironically, hackers may have used the site as a way to bypass the lockdown system and get access to locked devices.

What is Activation Lock and what is its use?

Introduced in 2013 with iOS 7, Activation Lock is a security measure that just links a device to a user’s Apple ID. Any other person who tries to override that Apple ID will have to enter the original account and password first.

This safety feature is automatically enabled when users turn on the Find my iPhone function on their handsets. The Activation Lock screen shows up when first turning on the phone after resetting it.

The idea behind a website where you can check the lockdown status of any given Apple gadget is to make sure that a device is not stolen or lost.

If you were to buy an iPhone online, for example, and you checked the IMEI or serial number using iCloud’s tool, and it showed the phone had the feature turned on, then that means it is still registered to someone’s Apple ID. Someone who may or may not be the original owner.

If there is a publication of an Apple device on sale that doesn’t list the serial number or IMEI, and the seller refuses to provide it, then it is more than likely that the instrument was not obtained legitimately.

How did hackers exploit the Activation Lock page?

Hackers may have used a simple trick devised to exploit the Activation Lock page to confirm valid serial numbers of Apple devices. They then used those legitimate credentials to revive iPhones, iPads, and iPod Touch players rendered useless by the security system.

Tech-savvy people who got their hands on both stolen or lost Apple gadgets and batches of invalid serial numbers were halfway down to getting a functional device.

The hackers needed only to enter the invalid serial numbers in the Activation Lock page and try changing one or two characters to find a valid combination. Once confirmed the number was good, they “transplanted” the new credentials directly into the chip of the bricked handset.

Source: MacRumors