As we reported, Apple recently took down its tremendously useful Activation Lock webpage for reasons unknown. The theft-deterrent tool allowed legitimate iOS device owners and just about anyone else to check the status of the Activation Lock feature by entering a serial number. Apple provided no explanation for the removal, but all checks point to it being a precautionary measure meant to prevent hacks relying on stolen serial numbers, as a reader pointed out in comments.

The Activation Lock web tool allowed users to enter a serial number of an iOS device to verify if Activation Lock has been enabled on it. The tool was also readily accessible to anyone who would run a batch of serial numbers against it i order to see which one worked before leveraging a bypass hack to unlock the bricked device.

Hackers would also change a few characters in an invalid iOS device serial number until stumbling across a combination that would let them unlock a bricked device.

This is part of a bigger issue where hackers steal iOS device serial numbers for nefarious purposes. Say I got hold of your iPhone’s serial number (i.e. you shared it online in a Settings app screenshot). I could use the removed web tool to check if you had Activation Lock enabled before bypassing the protection on your device.

“Someone could be using a serial number of a phone that has not been sold yet, meaning it will be iCloud-locked even on the first setup,” our reader wrote. “It’s a smart move by Apple even though it hurts people who want to buy second hand devices.”

In the video below (I set it to start at mark 5:25), you can see how the iCloud Activation Lock web tool, released in October 2014, can be used to verify that automatically generated serial numbers are available and unlocked for stolen iOS devices.

As MacRumors notes, this scheme that steals valid serial numbers from existing iOS users might explain why some people reported finding their devices locked to an unknown Apple ID and not being able to regain control without Apple’s help.

In November, a researcher exploited a bug in iOS 10.1.1 to bypass Activation Lock protections on an iPad by flooding Wi-Fi logins with long character strings and repeatedly opening and closing a Smart Cover. It has been patched since.

  • Jamessmooth

    This is why we can’t have nice things.

  • jaimem17

    I’ve always wondered, what happens if you forget the email address that was associated with the account? I’m asking because my brother in law forgot the email he registered with his iPad and asked me to help him but I couldn’t do anything with it, it isn’t stolen, he bought it directly from Apple but for some reason it’s stuck in the activation screen.

    • lemonhead

      with prove of ownership you can remove the Lock at an Apple Store

  • Ben Nguyen

    There’s alternative link to check not only activation lock status but also the warranty status. Due to the regulation I can’t post the link here but you can search in youtube: how to check activation lock ben nguyen. Hope this help. If it is useful please like and share. Any bugs found please share with us, we do
    appreciate for that.

  • linda

    Consider hitting up hotcyberclown@gmail.com for any hack related issue.He’s one of the only genuine hackers out there. I have used him a couple of times and he has never disappointed me.His services include : bypassing social media security,Spying on accounts/cellphones,retrieving deleted text messages,contacts or accounts,credit card top up, phone hack and so on.He his tested and trusted once you pay for his service. …….with his service,you can spy on cheating partners and get real evidence of whatever you require. His services are quite affordable,don’t hesitate to contact him at hotcyberclown@gmail.com or text him through this number +17603380276.