A pair of security researchers, "AquaXetine" and "Merruktechnolog", claim to have found a flaw which could allow an attacker to remove security measures on lost or stolen iPhones.

What happens is a "man in the middle" flaw that tricks a stolen iOS device into connecting with a local machine masquerading as an Apple server.

The hackers can then send instructions to the device and steal the AppleID credentials. With that in hand, they can disable any remote locking or wipe mechanisms.

Graham Cluley, a security researcher and blogger, noted that users should implement Apple's anti-theft and remote security features on their iPhones and iPads.

Cluley said in a [url=http://www.intego.com/mac-security-blog/have-hackers-defeated-the-iphone-kill-switch/]post[/url= for Mac security firm Intego: "Just because some hackers might have found a way around that element of the protection doesn’t mean that the vast majority of phone thieves would have a clue how to go about it."

The report comes as governments and law enforcement groups are still trying to get legislation for a "kill switch" mechanism.