Apple Refutes iPhone Passcode Bypass Claims by Hacker, Claims It's a Result of 'Incorrect Testing'

Advertisement
By Ankit Chawla | Updated: 25 June 2018 11:35 IST
Highlights
  • A hacker had claimed a passcode bypass last week
  • The hack appears to bypass lock out and erase data options
  • Apple has disputed the genuinity of the hack
Apple Refutes iPhone Passcode Bypass Claims by Hacker, Claims It's a Result of 'Incorrect Testing'

Apple will soon bring the controversial USB Restricted Mode to iPhone and iPad devices with the rollout of iOS 12 later this year. This toggle in the settings will cut off communication through the USB port when the phone has not been unlocked in an hour. With the move, Apple was preventing the use of brute-force attacks to guess the passcode, a method commonly employed by law enforcement authorities and security agencies to crack a locked iPhone. The company had said it was aiming to protect all customers, especially in countries where phones are readily obtained by police or by criminals with extensive resources, and to head off further spread of the attack technique. Despite this upcoming fix to the brute force, an ethical hacker posted a demonstration of a brute-force passcode attack on devices running versions lower than iOS 12. He claimed to have bypassed current protections by sending passcodes combinations at once. Apple replied to the claim by refuting the method, calling it "incorrect testing".

Matthew Hickey, who goes by the pseudonym @hackerfantastic, took to Twitter on Saturday to show how the iPhone's passcode could be bypassed with a simple hack. In a Vimeo video, Hickey is seen connecting a Lightning cable to an iPhone running the latest stable version of iOS 11.3. He also shows, in Settings, that the Erase Data (on multiple wrong attempts) option has been switched on. He then runs his software which sends all passcode attempts ranging from 0000 to 9999 to the iPhone at once, instead of once at a time. The one-minute video shows that the iPhone gets unlocked within seconds of running the software.

He explained the brute-force attack to ZDNet, "If you send your brute-force attack in one long string of inputs, it'll process all of them, and bypass the erase data feature." As you know, passcode bypass protections will erase a phone's data after multiple wrong attempts.

After a day of posting about the brute-force attack, the hacker suggested in a correction to his original claim, that the iPhone's Secure Enclave Processor (SEP) appeared to register less PINs than previously thought, due to instances of pocket dialling and/ or overly fast inputs. "When I sent codes to the phone, it appears that 20 or more are entered but in reality its only ever sending four or five pins to be checked," he explained to ZDNet. Hickey said he reported his findings to Apple before tweeting about them.

Advertisement

In a statement to ZDNet, Apple spokesperson Michele Wyman responded to the Hickey's claim, "The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing." The company did not provide any details about precisely why it disputes the findings.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: iPhone, Apple
Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo Y400 Pro 5G: Everything We Know Ahead of India Launch on June 20
  2. Oppo Reno 14 5G, Reno 14 Pro 5G India Launch Timeline Leaked
  3. BSNL Announces Name of Its 5G Service in India
  4. OnePlus Bullets Wireless Z3 With Up to 36 Hours Battery Launched in India
  5. Oppo Reno 14 5G Series Teased to Launch in India Soon
  6. Poco F7 5G to Be Equipped With a Snapdragon 8s Gen 4 SoC
  7. Apple's Foldable iPhone to Enter Production Later This Year: Ming-Chi Kuo
  8. Samsung Galaxy Z Fold 7, Z Flip 7 Launch Date Leaked Online
  9. Realme 15 Series Said to Launch in July; Lite Variant Leaked Online
  10. Vivo T4 Lite 5G to Launch in India on June 24; Chipset Confirmed
  1. Realme 15 Series Launch Timeline Leaked; Lite Variant Surfaces Online
  2. Oppo Reno 14 5G Series India Launch Confirmed: Expected Price, Specifications
  3. Google Messages Widely Rolling Out Snooze Notifications and Delete for Everyone Features
  4. OnePlus Bullets Wireless Z3 With 12.4mm Drivers, Up to 36 Hours of Battery Life Launched in India
  5. Microsoft Planning Thousands More Job Cuts Aimed at Salespeople
  6. Vivo T4 Lite 5G India Launch Date Announced; to Feature MediaTek Dimensity 6300 SoC
  7. Coinbase Launches Stablecoin Payments Service for E-Commerce
  8. Iran Crypto Exchange Nobitex Hit by Hackers, $90 Million Destroyed
  9. Vodafone Idea Partners With AST SpaceMobile to Bring Direct-to-Device Satellite Connectivity to India
  10. Microsoft Said to Be Prepared to Abandon High-Stakes Talks with OpenAI
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.