Ever wonder how crooks get the credentials to unlock stolen phones?
Ultimately, criminals received the stolen and validated credentials through the iServer web interface, enabling them to unlock a phone, turn off “Lost mode,” and untie it from the owner’s account. To better camouflage the ruse, iServer often disguised phishing pages as belonging to cloud-based services.