The Growing Business of Stolen iPhones: How Criminals Are Turning Device Theft Into Data Theft

Cybersecurity firm Infoblox has found a 350% increase in traffic to websites selling tools that unlock stolen iPhones over the past year. This spike reveals that smartphone theft is no longer a small-time crime—it has become an organized, systematic operation focused on stealing personal data and money from victims.

Infoblox researchers tracked more than 10,000 phishing websites tied to stolen iPhone unlocking activity, according to Wired's investigation. What's changed is the cost: unlocking tools now sell for under $10, which means smaller criminals can afford to buy them, while larger criminal groups profit from a wider ecosystem of identity theft and financial fraud.

Why Criminals Now Target Locked Phones

There is a straightforward financial reason for this surge. A locked stolen iPhone might sell for $50 to $200 on the black market, says Dan Guido, CEO of security firm Trail of Bits. But an unlocked one can fetch $500 to $1,000. That five-fold jump in value has given criminals strong motivation to invest in unlocking software and the infrastructure to support it.

London's Metropolitan Police documented how widespread the problem has become. Around 80,000 mobile devices were stolen in the city over one year. In a single case, four men handled more than 5,000 stolen phones and used them to access financial accounts stored on those devices. Will Lyne, head of economic and cybercrime at London's Metropolitan Police, has seen this pattern repeated in investigation after investigation.

Criminal groups are also getting smarter about how they operate. Maël Le Touz, staff threat researcher at Infoblox, notes that phishing messages now include details like the phone model, color, and storage capacity—information scammers can read directly from a stolen device. These accurate details make fake messages more convincing to the original owners.

How Thieves Actually Unlock Phones

The unlocking process often starts simply: a thief watches you enter your PIN or password in a public place. Once they have both the physical phone and the code, they can turn off Find My iPhone and other Apple security features that would prevent them from using the device or allow you to wipe it remotely.

This approach exploits a basic tension in mobile device design. Security systems need to be strong, but they also need to be easy for real users to operate. Features like Face ID and fingerprint recognition can sometimes be bypassed if someone already knows your passcode. Apple created a feature called Stolen Device Protection partly to address this problem—it requires you to use your face or fingerprint again before changing important settings, even if someone has your passcode.

Unlocking tools have made this attack much easier to scale up. Criminal networks can now hand out these capabilities to many people without needing each person to understand the technical details. This mirrors what happened in the mid-2000s, when hackers created automated tools that let anyone launch cyberattacks without special expertise—a shift that turned hacking from a small-scale activity into an industrial operation.

The Bigger Picture: Stolen Data Makes It Worse

The stolen phone problem does not exist in isolation. Apple has reported that 2.6 billion personal records were exposed in data breaches over a two-year period ending in December 2023. More than 60% of the 1,000 largest companies in the US have experienced public data breaches. Apple estimates that one in four of the largest US companies will face a corporate breach each year.

Large data breaches create opportunities for criminals. When thieves can combine information from your stolen phone with data they have from a corporate breach, they can send you more convincing fake messages and target people who are likely to have access to valuable accounts or information.

The distinction between physical theft and cybercrime has become blurry. A stolen phone is no longer just a lost device—it is often the first step in a wider campaign to steal your identity and money. Traditional security approaches that treat a stolen phone as a simple incident requiring device replacement do not account for what happens afterward.

The economic incentives that drive stolen phone crime are unlikely to disappear on their own. Apple's App Store blocked $1.5 billion in fraudulent transactions and removed 1.6 million risky apps in 2021, but these efforts address the symptoms rather than the root cause: the fact that stolen phones are extremely valuable to criminals. The FBI has issued multiple warnings about related attack patterns, including alerts about scams targeting iPhone users and guidance against using unencrypted messaging apps following cyberattacks on US telecommunications companies.

For organizations and individuals, this trend raises an important question worth considering carefully. Device security alone is no longer sufficient. If you work with sensitive company data or information, a stolen phone could expose far more than your personal accounts—it could compromise your employer's systems. A comprehensive security strategy needs to address both physical theft and the data attacks that follow.