Two hackers have figured out a way to unlock lost Apple devices -- a boon for criminals with stolen iPhones and iPads.
The hackers have discovered a method for bypassing a protective feature on Apple ( devices. Lost your iPhone? No worries. Something called "Activation Lock" turns it into a useless brick by connecting to Apple servers via its )iCloud service.
By plugging your iPhone or iPad into a computer and altering a file inside, you trick the device into connecting to the hackers' server instead. Once connected, the server will tell the iPhone or iPad to unlock.
The process is clunky, but folks around the world are already celebrating that it works.
In recent days, the hackers' Twitter pages have been filled with photos of unlocked iPhones and iPads uploaded by grateful people in Brazil, Mexico, Russia, the United States and elsewhere.
A Twitter user in China, @t_ai_ya_ki, posted photo of a liberated iPhone on his bed and wrote, "thanks bro :)" Another in Poland, Maciek Walczykowski, showed his unlocked iPhone with a hacker's Twitter feed in the background. Dozens of others did the same.
The hacking duo, Team DoulCi (iCloud backwards), posted instructions on its website with this caveat: This runaround is only meant to be used for good. The hack was "built with love" for those original owners who lost access to their own devices, they said. No stolen Apple devices, please.
Right. Here's a reality check: So far, most of those taking advantage of this trick are posting photos of several unlocked devices at once.
For example, someone in the Philippines using the name @esonglance showed off six unlocked iPhones. Another user, @illPaick in Mexico, showed off six iPhones and an iPad. Who accidentally locks himself out of a half dozen of his own devices? No one.
Apple did not immediately return calls for comment.
Mark Loman, a malware analyst for cybersecurity company SurfRight, described the hack as a "man-in-the-middle attack." To make it work, these hackers place themselves between your device and Apple.
It's inherently unsafe. On their website, the hackers promise "more information" at midnight Thursday (EST).