Tags

#apple-id

Apple account / iMessage / linked-device material — the platform exposure surface.

7 entries.

From the storm

  • 11:57

    Reset Password

    The iPhone system prompt that means someone has asked Apple to reset my account password — two buttons, and the whole attack is hoping I tap the wrong one. Frequent at the campaign's start in November 2024 (when I first noticed concerted hacking, and when my hands began to hurt), quiet for the months since, and now — this past month — back, with noticeably more effort behind it.

  • 10:31

    Not Me

    A single letter 'E' was sent out of my iMessage account to an unknown number, marked Read, with a reply. I did not send it. The outbound side of the channel — not the inbound — is what makes this different from everything else in this record.

  • 17:12

    Surveillance Glitch

    A multi-part session on what I call the surveillance glitch — the observable artifacts that show up when multiple parties surveil the same target with non-coordinating software stacks. Includes three iPhone screenshots showing 'Unknown Part — Camera' (a non-genuine camera in this device), and physical evidence from prior surveillance — a lamp with a drilled-out hole where a hidden camera was, and an office-break-in incident with deleted email-server logs.

  • 07:52

    Bluetooth Proximity

    Wi-Fi and Bluetooth back on in the morning after explicitly switching them off. The ~30-foot Bluetooth range narrows the population of who could reach the device. Plus a file-sync application refusing to sync the folders that matter.

From tactics

  • Outbound impersonation

    Someone other than the account holder sends messages out of the account holder's own communication channel — iMessage, email, social-media DM — making the recipient believe the account holder sent them. Distinct from phantom account (which uses the holder's number on a third-party service) — this is the holder's own account, used against the holder.

  • Push bombing

    Repeatedly triggering a system-level approval prompt on a target's trusted device — for Apple accounts, the "Reset Password" dialog — in the hope that the target eventually taps Approve by reflex, accident, or fatigue. The attacker needs no password; they need one mistaken tap.

From techniques

← all tags