Thieves already know that stolen iPhones are usually not operable. Even with the old Find My iPhone, even after the device has been wiped, only the original owner can activate it again. So these stolen phones are usually broken down, with parts sold separately.
They are getting smarter. A family member had their phone stolen and Find My iPhone reported that the phone was off for months and so she gave up searching. One day, she got a text on her new phone saying "Find my iPhone has found your phone, click here to login to Find my iPhone". It turned out to be a phishing page for her AppleID credentials. She fell for it and I'm assuming the thieves were able to finally get into her phone. To this day I have no idea how they were able to get her phone number. From the SIM maybe?
Similar story here, but instead of a phishing email it was a legit Find My iPhone email six months later saying her phone pinged from Morocco.
So yup, sounds like they’ve either resorted to stripping them for parts or selling them whole (and still firmware-locked) to innocent buyers in places where you’d have practically no legal recourse — who then become victims to the theft as well, ironically. And by then, of course, you’ve likely had a new phone for long enough to not lose much sleep over it.
Brian Krebbs covered phishing of users who lost their iPhones, although he doesn't talk about how the "thief" managed to retrieve phone number from the the stolen phone.
Whilst I was in China two years ago, someone mentioned that you can swap out the memory of an iPhone with one from another iPhone (e.g. water damaged) to get around an iCloud lock. So although it's quite sophisticated as a method, it's definitely doable.
