Apple users should be careful. The tool "GrayKey" Can brute force crack all iPhone and graykeyiphone
Law enforcement has made significant technological breakthroughs in cracking the iPhone. Cellebrite, its security contractor, claims that it has found a new technology that can unlock almost all iPhones on the market, including the latest iPhone X and iPhone 8.
On Monday, Forbes once again reported that Grayshift, another well-known American startup, developed a tool named "GrayKey, it can extract complete system files from iOS devices and forcibly bypass Apple's security measures in the form of brute force password cracking to unlock the iPhone. It is worth noting that the company was co-founded by US intelligence agency contractors and former Apple security engineers.
In recent weeks, marketing materials on GrayKey tools have been widely spread across private detective groups and several private forensic companies. Data shows that it will be sold in two forms: the online version is priced at $15000 and the usage limit is 300. In other words, you will spend $50 each time you unlock the iPhone. The offline version is priced at $30000, but there is no limit on the number of times you use it.
In another advertisement, Grayshift claimed to be able to unlock all iPhones running iOS 10 and 11 and is about to provide support for iOS 9. In addition, it claims that the tool can work on the latest Apple firmware, such as the iPhone X and iPhone 8 released last year.
An anonymous reporter pushed an article to Forbes through a private Google group. The author confirms to readers through the screen in the article, they have indeed used GrayKey to unlock the iPhone X.
According to Ryan Duff, director of Point3 Security Network Solutions, Grayshift uses a vulnerability similar to Cellebrite used to unlock the iPhone, that is, an attack on the Apple Secure Enclave module.
This attack mainly relies on repeated password guesses. As we know, when the number of incorrect iPhone Password Input exceeds 10, the iPhone will have a very long operation time. This time is a random value. It is said that it takes at least 141 minutes to re-enter the password. It is also reported that someone has to wait for more than 47 years.
From this we can see that the cracking Efficiency of GrayKey is not as high as we think. It takes a long time to crack the password, and it has to set up a dedicated number of attempts to clear the password.
In addition, because GrayKey does not require users to send devices to their labs that need to be unlocked. This allows Apple to decompile GrayKey to understand its operating principles and determine which vulnerabilities it uses. Apple will fix these vulnerabilities in subsequent updates.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
