iMessage Bug Sends Texts to Stolen iPhones

by

It appears that a bug in iMessage allows texts to be sent to a stolen iPhone, even after a remote wipe and disabling the SIM card, reports Ars Technica.

iMessage, introduced in iOS 5, is similar to RIM's BlackBerry messaging service. It sends text, picture, and video messages over Apple's servers instead of via the carrier's SMS service. This can lower the user's text messaging charges and adds features like delivery confirmation. It also allows users of non-cellular devices, like the iPad and iPod Touch, to send and receive text and picture messages -- as featured in a recent iPod Touch television ad.

According to Ars Technica:

Our attention was drawn to this story by Ars reader David Hovis, whose house was recently burglarized and his wife's iPhone 4S was stolen. According to Hovis, his wife deactivated her iPhone with her carrier, remote wiped it, and immediately changed her Apple ID password—"we picked up a new iPhone the next day, figuring that our insurance would end up paying for it," Hovis told Ars.

For most users, this would be the end of the story. The phone number had been transferred to a new device and the old one had been deactivated; what more is there to say? A lot, apparently, and in the form of iMessages. The thief who stole Mrs. Hovis' iPhone had sold the device to an unsuspecting buyer elsewhere in the state, and the buyer had begun sending and receiving iMessages from the phone as Mrs. Hovis—even though the stolen phone had apparently now been activated under a new number.

Hovis sent messages to new "owner" of his wife's old phone, with the messages going to both the old and new phone, but the other person was uncooperative. He discovered a thread on the MacRumors forums with several readers reporting the same issues.

Apple has not commented on the matter, but it's possible that the iMessage servers permanently links the UDID number of a particular handset to a phone number, so it knows what handset to deliver iMessages to. When the phone is remotely wiped, and a new SIM card installed, the iMessage servers don't update and messages continue to be sent to the stolen phone.

Top Rated Comments

(View all)
Avatar
113 months ago
It's a feature to be able to tell the thief pleasantries from time to time.
Score: 9 Votes (Like | Disagree)
Avatar
113 months ago

If verified that this is a bug then it is something that needs to be fixed. But on the other hand it could be something that could come in handy. Think about it....your iphone is lost or stolen and someone wipes it or replaces the SIM so they can use it. But you are still able to send an iMessage to it. How cool would that actually be if that could actually lead to the phone being returned to you.

The new owner gets to see every iMessage I send/receive. That may result in an occaional returned phone, but the rest of the time it is a huge privacy risk. It could go on forever. Every single iMessage you send/receive will be visible to the thief.
I have been following this issue for a while, and there have been lots of threads about this happening. In some cases users were getting sexually explicit messages from random people.
Apple needs to resolve this problem.
Score: 3 Votes (Like | Disagree)
Avatar
113 months ago
I guess it makes sense to assume that any person could be identified by N number of UDIDs on the server side of iMessage. (My iPhone, my iPad, my iPod Touch, etc -- that's three right there!)

But for this to be a permanent linkage is clearly a design flaw/oversight. The remote wipe should have nuked the UDID from iMessage's server-side database (or where ever the hell it's stored).
Score: 3 Votes (Like | Disagree)
Avatar
113 months ago

It sends text, picture, and video messages over Apple's servers instead of via the carrier's SMS service.


Very often it fails to send pictures.. and I end up having to wait a while or e-mail them
Score: 3 Votes (Like | Disagree)
Avatar
113 months ago

I've always wondered something about "Remote Wipe". Can thieves who obtain a remotely wiped iPhone re-sync it and have a fully working iPhone? Because surely it just becomes a factory restored iPhone?

Would love an answer.


I'd also like to know if you can keep requesting a remote wipe - ie. keep erasing the stolen phone over and over again to cause maximum inconvenience for the undeserving new 'owner'.
Score: 2 Votes (Like | Disagree)
Avatar
113 months ago
This is NOT just stolen phones.

I recently upgraded to a HTC Titan from a iPhone 4 last week. I did the upgrade through the AT&T .01 WP7 sale. I activated the Titan and when I did that, EVERYONE who still has an iPhone / iPad / iPod Touch who has ever sent me a text message before the switch, they are still going to my iPhone because of iMessaging. The iPhone has no service and no sim card installed. It is only on wi-fi and all of the texts go to it still.

I can send someone a SMS from my Titan and their response goes to my iPhone. It is super annoying and no one knows how to fix it.

IMO this is complete ******** really and it needs to be fixed. Currently I am a slave to this iPhone now :/
Score: 2 Votes (Like | Disagree)

Top Stories

iPhone Maker Foxconn Says China's 'Days as the World's Factory Are Done'

Wednesday August 12, 2020 7:55 am PDT by
China will no longer be the world's manufacturing epicenter going forward, according to Apple's largest supply chain partner Foxconn, which has been gradually expanding its operations in other countries amid the U.S.-China trade war. "No matter if it's India, Southeast Asia or the Americas, there will be a manufacturing ecosystem in each," said Foxconn chairman Young Liu, according to Bloombe...

Leaker Jon Prosser: Apple Watch and iPad Launching in September, iPhone 12 Event to Take Place in October

Wednesday August 12, 2020 4:31 pm PDT by
Apple last month confirmed that this year's iPhone 12 models will launch outside of their normal September timeframe and will be "available a few weeks later," which has led to speculation about when an event might be held. Leaker Jon Prosser, who sometimes shares accurate knowledge of Apple's plans, today said that Apple will hold its iPhone 12 event during the week of October 12, with...

Apple Takes Legal Action Against Small Company With Pear Logo

Saturday August 8, 2020 11:09 am PDT by
Apple is taking legal action against the developers of the app "Prepear" due to its logo, according to iPhone in Canada. Prepear is an app that helps users discover recipes, plan meals, make lists, and arrange grocery deliveries. The app is a spinoff of "Super Healthy Kids," and the founders claim that they are facing litigation from Apple. Apple reportedly takes issue with Prepear's logo, ...

Apple to Launch Bundled Subscription Services Called 'Apple One'

Thursday August 13, 2020 3:41 am PDT by
Apple will launch a new range of subscription service bundles called "Apple One" as soon as October, according to a new report by Bloomberg's Mark Gurman. The series of bundles would allow customers to subscribe to several Apple digital services together. This is expected to result in a lower monthly price than when the services are subscribed to individually. Bloomberg reports that the...

Apple Releases iOS and iPadOS 13.6.1 With Fix for Storage Issue and Green Tinted Displays

Wednesday August 12, 2020 1:31 pm PDT by
Apple today released iOS and iPadOS 13.6.1, minor updates that come a month after the release of the iOS 13.6 update with Car Keys and Audio Apple News+ stories. The iOS and ‌iPadOS‌ 13.6.1 updates are available on all eligible devices over-the-air in the Settings app. To access the updates, go to Settings > General > Software Update. iOS 13.6.1 addresses an issue that could cause...

Apple May Release 4G-Only iPhone 12 in Early 2021

Tuesday August 11, 2020 5:28 am PDT by
In a research note shared by Business Insider, Wedbush Securities analysts said that Apple may release a cheaper iPhone 12 in early 2021 with no 5G connectivity. Wedbush initially believed Apple would launch a mix of 4G and 5G iPhone 12 models this fall. Following re-examination of Asian supply chains, analysts Daniel Ives, Strecker Backe, and Ahmad Khalil revised the predictions,...

Apple Removes Fortnite From App Store [Update: Epic Files Lawsuit Against Apple]

Thursday August 13, 2020 11:58 am PDT by
Just hours after Epic Games introduced a new direct payment option for Fortnite that skirts Apple's in-app purchase rules, Apple has pulled the Fortnite app from the App Store. Fortnite is no longer available for download on the iPhone or the iPad, and Apple provided a statement to MacRumors on Fortnite's removal:Today, Epic Games took the unfortunate step of violating the App Store...

iPad Pro Keyboard Comparison: Logitech's $160 Folio Touch vs. Apple's $300 Magic Keyboard

Tuesday August 11, 2020 2:11 pm PDT by
Logitech recently debuted the Folio Touch, a keyboard and trackpad case designed for the 11-inch iPad Pro that serves as an alternative to the Magic Keyboard. In our latest YouTube video, we compare the $160 Folio Touch to Apple's $300 Magic Keyboard to see which is better. Subscribe to the MacRumors YouTube channel for more videos. Logitech is selling the Folio Touch for $160, while Apple's...

Apple Releases macOS Catalina 10.15.6 Supplemental Update With Virtualization Bug Fix

Wednesday August 12, 2020 1:20 pm PDT by
Apple today released a supplemental update for macOS Catalina 10.15.6, with the update coming a month after the original launch of macOS Catalina 10.15.6. The ‌‌macOS Catalina‌‌ 10.15.6 Supplemental Update can be downloaded from the Mac App Store using the Update feature in the System Preferences app. According to Apple's release notes, the update fixes a problem that could cause...

Kuo: Global iPhone Shipments Could Decline Up to 30% If Apple Forced to Remove WeChat From App Store [Updated x2]

Sunday August 9, 2020 10:17 pm PDT by
In a worst-case scenario, Apple's annual global iPhone shipments could decline by 25–30% if it is forced to remove WeChat from its App Stores around the world, according to a new research note from analyst Ming-Chi Kuo viewed by MacRumors. The removal could occur due to a recent executive order aiming to ban U.S. transactions with WeChat and its parent company Tencent. Kuo lays out...