https://www.theregister.com/AMP/2024/03/27/apple_passcode_attack/
“Apple device owners, consider yourselves warned: a targeted multi-factor authentication bombing campaign is under way, with the goal of exhausting iUsers into allowing an unwanted password reset.”
https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
“Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt.
Assuming the user manages not to fat-finger the wrong button on the
umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.”
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 300 |
Nodes: | 16 (2 / 14) |
Uptime: | 94:33:16 |
Calls: | 6,697 |
Calls today: | 2 |
Files: | 12,232 |
Messages: | 5,349,069 |