In recent years, security researchers and hackers have opened up a "war" with Apple as they are trying to develop new ways to bypass the safety of iPhones. Earlier in the year, a new challenge came for the company, in the form of an iPhone unlock device, called GrayKey, which is used by law enforcement agencies.
The latest security challenge for iOS, however, was raised by a security researcher, Matthew Hickey, who has found a way to bypass the limit of 10 password insertion attempts that allows an iPhone device.
For those who do not know, the iPhones we use give a limited number of unsuccessful access attempts that can be made before the Apple security app is turned on, which scans the device and erases its data forever. This is the primary measure that prevents hackers and police from easily gaining access to a device.
The recent attack is able to bypass the limit of limited efforts even on iPhones running the latest iOS versions. "An attacker simply needs an activated, locked phone and a cable Lightning"Said Hickey in ZDNet.
With the help of a computer and a lightning cable, he found a way to enter as many passwords as possible. Instead of trying to enter a password at a time, which activates the Apple security app, it sends all the passwords at once. In other words, a hacker can create all the possible combinations and pass them in the form of a string without spaces.
He has also published an online demo video by conducting the attack. More precise details of the attack have been shared with Apple, and there will logically be a patch for this issue in the upcoming iOS 12. It's also unknown if GrayKey uses a similar technique to unlock an iPhone.