This $15,000 Device Can Hack Into A Locked iPhone Via Its Lightning Port

You’ve likely heard recently how the iPhone is once again under attack from those who want to gain access to the data it could potentially be holding, whether or not its user is willing to give it up.

The latest device purposefully built to gain access to an iPhone is Grayshift’s GrayKey, and it’s a device that can hack its way into any iPhone, so long as it has a Lightning port. That means any iPhone or even iPad with Apple’s current charging port built in is susceptible to hacking, although that will require the purchase of a device worth at least $15,000, and potentially, as much as double that.

With various law enforcement outfits like police forces, FBI, and DEA apparently all placing orders for the boxes, it’s clear that there is most definitely a demand for them no matter the price. The GrayKey brute-forces its way into iOS devices, which is nothing new in itself, and Apple is already working to prevent the new devices from working.

According to a former Apple employee who works for Grayshift, a new security feature was part of iOS 11.3 betas, which prevented access to the iOS device’s Lightning port if it had not been accessed via either biometric or passcode security measures for seven days or more. That would leave the GrayKey machines out of luck, although they would presumably work just fine if the hack was attempted within a week’s time of the iPhone or iPad’s last successful and legitimate unlock.

“Starting with iOS 11.3, iOS saves the last time a device has been unlocked (either with biometrics or passcode) or was connected to an accessory or computer. If a full seven days (168 hours) elapse [sic] since the last time iOS saved one of these events, the Lightning port is entirely disabled,” Braden Thomas wrote in a blog post that can only be seen by customers of the company that makes the boxes. Thankfully, the folks over at Motherboard were able to obtain a copy.  “You cannot use it to sync or to connect to accessories. It is basically just a charging port at this point. This is termed USB Restricted Mode, and it affects all devices that support iOS 11.3.”

Oddly, Apple removed the security feature in the final version of iOS 11.3 although that does not mean that it will not be re-added in another release. Hopefully it is, because if Apple knows about a security flaw, it really needs to find a way to fix it, and quickly.

(Source: Motherboard)

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.