Devices On iOS 11.3 And Below Can Be Unlocked By Brute Forcing

Security researcher Matthew Hickey discovered a USB-based security exploit to brute force the lock screen password of iOS devices. As we know that you can set it up a setting for erase all data if someone enter wrong passwords 10 times. However, Hickey's method circumvents this restriction.

For example, when a hacker connects an iPhone or iPad to a computer, he can send all password attempts to the iPhone, which is 0000 to 9999, for brute-forcing the device. This hacking method works on iOS devices that are running way up to iOS 11.3.

To brute forcibg an iPhone or iPad, just boot up and using a Lightning cable. Hickey's brute force cracking method takes 3-5 seconds to enter each 4-digit password, and for sure, it is not as advanced as the Grayshift unlocking tool.

Luckily, Apple’s iOS 12 added a new USB-restricted mode. New features will fix Hickey's brute force methods and will also disable the Grayshift cracking tool. If the device has not been unlocked for the last hour, the USB access will be cut off.

Post a Comment

Previous Post Next Post