He Stole Hundreds of iPhones and Looted People’s Life Savings. He Told Us How.
Kanebridge News
    HOUSE MEDIAN ASKING PRICES AND WEEKLY CHANGE     Sydney $1,635,570 (+0.09%)       Melbourne $990,779 (-0.14%)       Brisbane $1,002,534 (+0.89%)       Adelaide $899,189 (+1.63%)       Perth $853,385 (-0.01%)       Hobart $727,599 (-0.08%)       Darwin $665,330 (-2.24%)       Canberra $1,030,329 (+2.00%)       National $1,054,780 (+0.44%)                UNIT MEDIAN ASKING PRICES AND WEEKLY CHANGE     Sydney $758,114 (+0.56%)       Melbourne $494,774 (+0.21%)       Brisbane $562,776 (+0.42%)       Adelaide $448,109 (+2.19%)       Perth $451,267 (-0.77%)       Hobart $504,603 (-1.31%)       Darwin $357,621 (+2.79%)       Canberra $496,414 (-0.41%)       National $532,600 (+0.26%)                HOUSES FOR SALE AND WEEKLY CHANGE     Sydney 10,429 (+70)       Melbourne 14,915 (+41)       Brisbane 7,933 (-18)       Adelaide 2,089 (-116)       Perth 5,787 (-101)       Hobart 1,241 (+4)       Darwin 244 (-2)       Canberra 988 (+18)       National 43,626 (-104)                UNITS FOR SALE AND WEEKLY CHANGE     Sydney 8,586 (+58)       Melbourne 8,221 (+87)       Brisbane 1,635 (+21)       Adelaide 372 (-9)       Perth 1,517 (-36)       Hobart 198 (-10)       Darwin 404 (-2)       Canberra 1,028 (+31)       National 21,961 (+140)                HOUSE MEDIAN ASKING RENTS AND WEEKLY CHANGE     Sydney $820 (+$3)       Melbourne $600 (-$5)       Brisbane $650 ($0)       Adelaide $600 ($0)       Perth $680 ($0)       Hobart $550 ($0)       Darwin $750 ($0)       Canberra $680 (+$10)       National $676 (+$1)                UNIT MEDIAN ASKING RENTS AND WEEKLY CHANGE     Sydney $760 (-$10)       Melbourne $595 (-$5)       Brisbane $640 (-$3)       Adelaide $500 (+$5)       Perth $620 ($0)       Hobart $450 ($0)       Darwin $540 (-$10)       Canberra $550 (-$10)       National $596 (-$5)                HOUSES FOR RENT AND WEEKLY CHANGE     Sydney 5,832 (+125)       Melbourne 6,113 (+155)       Brisbane 4,426 (+39)       Adelaide 1,506 (+63)       Perth 2,727 (+138)       Hobart 431 (+13)       Darwin 95 (-3)       Canberra 602 (+6)       National 21,732 (+536)                UNITS FOR RENT AND WEEKLY CHANGE     Sydney 10,046 (+377)       Melbourne 6,071 (+301)       Brisbane 2,272 (+28)       Adelaide 373 (+1)       Perth 740 (-4)       Hobart 143 (+14)       Darwin 136 (+6)       Canberra 746 (+30)       National 20,527 (+753)                HOUSE ANNUAL GROSS YIELDS AND TREND       Sydney 2.61% (↑)        Melbourne 3.15% (↓)       Brisbane 3.37% (↓)       Adelaide 3.47% (↓)     Perth 4.14% (↑)      Hobart 3.93% (↑)      Darwin 5.86% (↑)        Canberra 3.43% (↓)       National 3.33% (↓)            UNIT ANNUAL GROSS YIELDS AND TREND         Sydney 5.21% (↓)       Melbourne 6.25% (↓)       Brisbane 5.91% (↓)       Adelaide 5.80% (↓)     Perth 7.14% (↑)      Hobart 4.64% (↑)        Darwin 7.85% (↓)       Canberra 5.76% (↓)       National 5.81% (↓)            HOUSE RENTAL VACANCY RATES AND TREND       Sydney 0.8% (↑)      Melbourne 0.7% (↑)      Brisbane 0.7% (↑)      Adelaide 0.4% (↑)      Perth 0.4% (↑)      Hobart 0.9% (↑)      Darwin 0.8% (↑)      Canberra 1.0% (↑)      National 0.7% (↑)             UNIT RENTAL VACANCY RATES AND TREND       Sydney 0.9% (↑)      Melbourne 1.1% (↑)      Brisbane 1.0% (↑)      Adelaide 0.5% (↑)      Perth 0.5% (↑)      Hobart 1.4% (↑)      Darwin 1.7% (↑)      Canberra 1.4% (↑)      National 1.1% (↑)             AVERAGE DAYS TO SELL HOUSES AND TREND         Sydney 28.9 (↓)     Melbourne 30.3 (↑)        Brisbane 30.8 (↓)       Adelaide 25.4 (↓)     Perth 36.1 (↑)      Hobart 37.8 (↑)      Darwin 35.1 (↑)        Canberra 28.5 (↓)     National 31.6 (↑)             AVERAGE DAYS TO SELL UNITS AND TREND         Sydney 29.6 (↓)       Melbourne 30.2 (↓)     Brisbane 29.6 (↑)        Adelaide 25.4 (↓)     Perth 38.3 (↑)      Hobart 30.1 (↑)        Darwin 46.7 (↓)       Canberra 38.0 (↓)     National 33.5 (↑)            
Share Button

He Stole Hundreds of iPhones and Looted People’s Life Savings. He Told Us How.

A convicted iPhone thief explains how a vulnerability in Apple’s software got him fast cash—and then a stint in a high-security prison

Thu, Dec 21, 2023 8:37amGrey Clock 5 min

RUSH CITY, Minn.—Before the guards let you through the barbed-wire fences and steel doors at this Minnesota Correctional Facility, you have to leave your phone in a locker. Not a total inconvenience when you’re there to visit a prolific iPhone thief.

I wasn’t worried that Aaron Johnson would steal my iPhone, though. I came to find out how he’d steal it.

“I’m already serving time. I just feel like I should try to be on the other end of things and try to help people,” Johnson, 26 years old, told me in an interview we filmed inside the high-security prison where he’s expected to spend the next several years.

For the past year, my colleague Nicole Nguyen and I have investigated a nationwide spate of thefts, where thieves watch iPhone owners tap their passcodes, then steal their targets’ phones—and upend their financial and digital lives.

Johnson, along with a crew of others, operated in Minneapolis for at least a year during 2021 and 2022. In and around bars at night, he would befriend young people, slyly learn their passcodes and take their phones. Using that code, he’d lock victims out of their Apple accounts and loot thousands of dollars from their bank apps. Finally, he’d sell the phones themselves.

It was an elaborate, opportunistic scheme that exploited the Apple ecosystem and targeted trusting iPhone owners who figured a stolen phone was just a stolen phone.

Last week, Apple announced Stolen Device Protection, a feature that likely will protect against these passcode-assisted crimes.

Yet even when you install the software, due in iOS 17.3, there will be loopholes. The biggest loophole? Us. By hearing how Johnson did what he did, we can learn how to better secure the devices that hold so much of our lives.

How he got started

Johnson isn’t a sophisticated cybercriminal. He said he got his start pickpocketing on the streets of Minneapolis. “I was homeless,” he said. “Started having kids and needed money. I couldn’t really find a job. So that’s just what I did.”

Soon he realised the phones he was nabbing could be worth a lot more—if only he had a way to get inside them. Johnson said no one taught him the passcode trick, he just stayed up late one night fiddling with a phone and figured out how to use the passcode to unlock a bounty of protected services.

“That passcode is the devil,” he said. “It could be God sometimes—or it could be the devil.”

According to the Minneapolis Police Department’s arrest warrant, Johnson and the other 11 members of the enterprise allegedly accumulated nearly $300,000. According to him, it was likely more.

“I had a rush for large amounts at a time,” he said. “I just got too carried away.”

In March, Johnson, who had prior robbery and theft convictions, pleaded guilty to racketeering and was sentenced to 94 months. He told the judge he was sorry for what he did.

How he did it

Here’s how the nightly operation would go down, according to interviews with Johnson, law-enforcement officials and some of the victims:

Pinpoint the victim. Dimly lit and full of people, bars became his ideal location. College-age men became his ideal target. “They’re already drunk and don’t know what’s going on for real,” Johnson said. Women, he said, tended to be more guarded and alert to suspicious behaviour.

Get the passcode. Friendly and energetic, that’s how victims described Johnson. Some told me he approached them offering drugs. Others said Johnson would tell them he was a rapper and wanted to add them on Snapchat. After talking for a bit, they would hand over the phone to Johnson, thinking he’d just input his info and hand it right back.

“I say, ‘Hey, your phone is locked. What’s the passcode?’ They say, ‘2-3-4-5-6,’ or something. And then I just remember it,” Johnson described. Sometimes he would record people typing their passcodes.

Once the phone was in his hand, he’d leave with it or pass it to someone else in the crew.

Lock them out—fast. Within minutes of taking the iPhones, Johnson was in the Settings menu, changing the Apple ID password. He’d then use the new password to turn off Find My iPhone so victims couldn’t log in on some other phone or computer to remotely locate—and even erase—the stolen device.

Johnson was changing passwords fast—“faster than you could say supercalifragilisticexpialidocious,” he said. “You gotta beat the mice to the cheese.”

Take the money. Johnson said he would then enrol his face in Face ID because “when you got your face on there, you got the key to everything.” The biometric authentication gave Johnson quick access to passwords saved in iCloud Keychain.

Savings, checking, cryptocurrency apps—he was looking to transfer large sums of money out. And if he had trouble getting into those money apps, he’d look for extra information, such as Social Security numbers, in the Notes and Photos apps.

By the morning, he’d have the money transferred. That’s when he’d head to stores to buy stuff using Apple Pay. He’d also use the stolen Apple devices to buy more Apple devices, most often $1,200 iPad Pro models, to sell for cash.

Sell the phones. Finally, he’d erase the phone and sell it to Zhongshuang “Brandon” Su who, according to his arrest warrant, sold them overseas.

While Johnson did steal some Android phones, he went after iPhones because of their higher resale value. At bars, he’d scope out the scene—looking for iPhone Pro models with their telltale trio of cameras. He said Pro Max with a terabyte of storage could get him $900. Su also bought Johnson’s purchased iPads.

Su pleaded guilty to receiving stolen property and was sentenced to 120 days at an adult corrections facility in Hennepin County, Minn. Neither Su nor his lawyer responded to requests for comment.

On a good weekend, Johnson said, he was selling up to 30 iPhones and iPads to Su and making around $20,000—not including money he’d taken from victims’ bank apps, Apple Pay and more.

How you can prevent it

A week after my trip to Minnesota, Apple announced Stolen Device Protection. The security setting will likely foil most of Johnson’s tricks, but it won’t be turned on automatically.

If you don’t turn it on, you’re as vulnerable as ever. Switching it on adds a line of defence to your phone when away from familiar locations such as home or work.

To change the Apple ID password, a thief would need Face ID or Touch ID biometric scans—that is, your face or your finger. The passcode alone won’t work. And the process has a built-in hourlong delay, followed by another biometric scan. This same slow process is also required for adding a new Face ID and disabling Find my iPhone.

Some functions, such as accessing saved passwords in iCloud Keychain or erasing the iPhone, are available without the delay but still require Face ID or Touch ID.

A criminal might still be motivated to kidnap a person with lots of money, then slowly break through these layers of security. However, the protections will likely dissuade thieves who just want to grab phones and flee the scene.

So what loopholes remain? A thief who gets the passcode could still buy things with Apple Pay. And any app that isn’t protected by an additional password or PIN—like your email, Venmo, PayPal and more—is also vulnerable.

That’s why you should also:

  • Add a distinct passcode to money apps, like Venmo and Cash App.
  • Delete any notes or photos that include personal information such as passwords or Social Security numbers. Store that stuff in a secure note inside a third-party password manager, such as Dashlane or 1Password.
  • Create a stronger iPhone passcode—one that uses letters and numbers.

The most obvious is Johnson’s advice: Watch your surroundings and don’t give your passcode out.

If this crime has taught us anything, it’s that a single device now contains access to our entire lives—our memories, our money and more. It’s on us to protect them.

Nicole Nguyen contributed to this article.


This stylish family home combines a classic palette and finishes with a flexible floorplan

35 North Street Windsor

Just 55 minutes from Sydney, make this your creative getaway located in the majestic Hawkesbury region.

Related Stories
A Killer Golf Swing Is a Hot Job Skill Now
Apple Sued by Employees Alleging Unequal Pay for Women
By ERIN MULVANEY 14/06/2024
The unexpected reasons Australians are retiring earlier than planned
By Bronwyn Allen 14/06/2024
A Killer Golf Swing Is a Hot Job Skill Now

Companies are eager to hire strong players who use hybrid work schedules to schmooze clients on the course

Fri, Jun 14, 2024 5 min

Standout golfers who aren’t quite PGA Tour material now have somewhere else to play professionally: Corporate America.

People who can smash 300-yard drives and sink birdie putts are sought-after hires in finance, consulting, sales and other industries, recruiters say. In the hybrid work era, the business golf outing is back in a big way.

Executive recruiter Shawn Cole says he gets so many requests to find ace golfers that he records candidates’ handicaps, an index based on average number of strokes over par, in the information packets he submits to clients. Golf alone can’t get you a plum job, he says—but not playing could cost you one.

“I know a guy that literally flies around the world in a private jet loaded with French wine, and he golfs and lands hundred-million-dollar deals,” Cole says.

Tee times and networking sessions have long gone hand-in-golf-glove. Despite criticism that doing business on the course undermines diversity, equity and inclusion efforts—and the fact that golf clubs haven’t always been open to women and minorities —people who mix golf and work say the outings are one of the last reprieves from 30-minute calendar blocks

Stars like Tiger Woods and Michelle Wie West helped expand participation in the sport. Still, just 22% of golfers are nonwhite and 26% are women, according to the National Golf Foundation.

To lure more people, clubs have relaxed rules against mobile-phone use on the course, embracing white-collar professionals who want to entertain clients on the links without disconnecting from the office. It’s no longer taboo to check email from your cart or take a quick call at the halfway turn.

With so much other business conducted virtually, shaking hands on the green and schmoozing over clubhouse beers is now seen as making an extra effort, not slacking off.

Americans played a record 531 million rounds last year. Weekday play has nearly doubled since 2019, with much of the action during business hours , according to research by Stanford University economist Nicholas Bloom .

“It would’ve been scandalous in 2019 to be having multiple meetings a week on the golf course,” Bloom says. “In 2024, if you’re producing results, no one’s going to see anything wrong with it.”

A financial adviser at a major Wall Street bank who competes on the amateur circuit told me he completes 90% of his tasks by 10 a.m. because he manages long-term investment plans that change infrequently. The rest of his workday often involves golfing with clients and prospects. He’s a member of a private club with a multiyear waiting list, and people jump at the chance to join him on a course they normally can’t access.

There is an art to bringing in business this way. He never initiates shoptalk, telling his playing partners the round is about having fun and getting to know each other. They can’t resist asking about investment strategies by the back nine, he says.

Work hard, play hard

Matt Parziale golfed professionally on minor-league tours for several years, but when his dream of making the big time ended, he had to get a regular job. He became a firefighter, like his dad.

A few years later he won one of the biggest amateur tournaments in the country, earning spots in the 2018 Masters and U.S. Open, where he tied for first among non-pros.

The brush with celebrity brought introductions to business types that Parziale, 35 years old, says he wouldn’t have met otherwise. One connection led to a job with a large insurance broker. In 2022 he jumped to Deland, Gibson Insurance Associates in Wellesley, Mass., which recognised his golf game as a tool to help win large accounts.

He rescheduled our interview because he was hosting clients at a private club on Cape Cod, and squeezed me in the next morning, before teeing off with a business group in Newport, R.I.

A short time ago, Parziale couldn’t imagine making a living this way. Now he’s the norm in elite amateur golf circles.

“I look around at the guys at the events I play, and they all have these jobs ,” he says.

His boss, Chief Executive Chip Gibson, says Parziale is good at bringing in business because he puts as much effort into building relationships as honing his game. A golf outing is merely an opportunity to build trust that can eventually lead to a deal, and it’s a misconception that people who golf during work hours don’t work hard, he says.

Barry Allison’s single-digit handicap is an asset in his role as a management consultant at Accenture , where he specialises in travel and hospitality. He splits time between Washington, D.C., and The Villages, Fla., a golf mecca that boasts more than 50 courses.

It can be hard to get to know people in distributed work environments, he says. Go golfing and you’ll learn a lot about someone’s temperament—especially after a bad shot.

“If you see a guy snap a club over his knee, you don’t know what he’s going to snap next,” Allison says.

Special access

On a recent afternoon I was a lunch guest at Brae Burn Country Club, a private enclave outside Boston that was the site of U.S. Golf Association championships won by legends like Walter Hagen and Bobby Jones. I parked in the second lot because the first one was full—on a Wednesday.

My host was Cullen Onstott, managing director of the Onstott Group executive search firm and a former collegiate golfer at Fairfield University. He explained one reason companies prize excellent golfers is they can put well-practiced swings on autopilot and devote most of their attention to chitchat.

It’s hard to talk with potential customers about their needs and interests when you’re hunting for errant shots in the woods. It’s also challenging if you show off.

The first hole at Brae Burn is a 318-yard par 4 that slopes down, enabling big hitters like Onstott to reach the putting green in a single stroke. But to stay close to his playing partners and keep the conversation flowing, he sometimes hits a shorter shot.

Having an “in” at an exclusive club can make you a catch. Bo Burch, an executive recruiter in North Carolina, says clubs in his region tend to attract members according to their business sectors. One might be chock-full of real-estate investors while another has potential buyers of industrial manufacturing equipment.

Burch looks for candidates who are members of clubs that align with his clients’ industries, though he stresses that business acumen comes first when filling positions.

Tami McQueen, a former Division I tennis player and current chief marketing officer at Atlanta investment firm BIP Capital, signed up for private golf lessons this year. She had noticed colleagues were wearing polos with course logos and bringing their clubs to work. She wanted in.

McQueen joined business associates on the golf course for the first time in March at the PGA National Resort in Palm Beach Gardens, Fla. She has lowered her handicap to a respectable 26 and says her new skill lends a professional edge.

“To be able to say, ‘I can play with you and we can have those business meetings on the course’ definitely opens a lot more doors,” she says.


This stylish family home combines a classic palette and finishes with a flexible floorplan

35 North Street Windsor

Just 55 minutes from Sydney, make this your creative getaway located in the majestic Hawkesbury region.

Related Stories
Stressing Over Your Next Home Renovation Project? Let AI Handle It.
By NANCY KEATES 13/06/2024
The unexpected reasons Australians are retiring earlier than planned
By Bronwyn Allen 14/06/2024
A Killer Golf Swing Is a Hot Job Skill Now
    Your Cart
    Your cart is emptyReturn to Shop