In 2013, Apple introduced a security feature designed to make iPhones less valuable targets to would-be thieves. An iPhone can only be associated to one iCloud account, meaning that, in order to sell it to someone else (or in order for a stolen phone to be used by someone new) that account needs to be removed from the phone altogether. A stolen iPhone which is still attached to the original owner’s iCloud account is worthless for personal use or reselling purposes (unless you strip it for parts).
The iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices. To do this, they phish the phone’s original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. Thieves, coders, and hackers participate in an underground industry designed to remove a user’s iCloud account from a phone so that they can then be resold.
This is a fascinating deep dive into the sophisticated black market that evolved for the sole purpose of defeating iCloud security locks.