Researchers at British Security Company MDsec have developed a tool that lets a hacker perform a “Brute Force” attack on a person’s protected iPhone passcode. The passcode cracking device tests different passcode combinations sequentially from 0000 to 9999, and hardwires through USB to the victim’s iPhone. The device also has a light which turns on once the device has been unlocked.
The researchers at MDsec claim that their tool can even work on Apple’s mobile devices if the owner of the mobile device has the ‘erase information after ten invalid passcode attempts’ option turned on, by cutting off the power supply of the iOS device. It is believed that MDsec’s device is exploiting a known Apple vulnerability, CVE-2014-4451 which was discovered last year and has since been patched.
The best practice for securing an iPhone is to use more than the standard, 4 digit passcode, and implement a new code that utilizes a complex string of characters, with numbers, letters, and special characters. It is also key to make sure that all devices are running the most up-to-date software with latest patches installed to correct any vulnerabilities.
For more information regarding this iPhone Passcode breach, please contact one of the following GraVoc employees:
Nate Gravel – Director of the Information Security Practice ngravel@gravoc.com
Related articles
The NSA Cybersecurity Guide for Remote Workers
In this blog post, we cover a few key recommendations for remote workers from the NSA guide, ‘Best Practices for Securing Your Home Network.’
GraVoc Recognized on CRN’s 2023 MSP 500 List
CRN®, a brand of The Channel Company, has named GraVoc to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2023!
The Cybersecurity Implications of ChatGPT
Is ChatGPT a security risk? In this blog post, we explore the cybersecurity implications of ChatGPT, including the benefits and challenges.
