New iPhone Lock Screen Exploit Lets You Access Contacts, Photos Without Passcode

Advertisement
By Ketan Pratap | Updated: 21 November 2016 18:36 IST
Highlights
  • Siri should be enabled on the lock screen for the exploit to work
  • New exploit helps attackers gain access to Contacts, Photos
  • To prevent unauthorised access, disable Siri on the lock screen
New iPhone Lock Screen Exploit Lets You Access Contacts, Photos Without Passcode

A new lock screen bypass has been discovered that allows iPhone users to view contact and photo albums on the iPhone SE, iPhone 6 Plus and iPhone 6s Plus without unlocking the devices with a passcode or Touch ID fingerprint. Miguel of iDeviceHelp in a YouTube video showed the exploit taking advantage of unauthenticated access to Siri via the lock screen, and Siri's access to contacts and photos.

Notably, this is not the first lock screen bypass exploit discovered by users as earlier this year a similar exploit saw users gaining access of the device without Touch ID or passcode. There are several examples of lock screen bypass reported by users on iPhones every year that offer access to Photos, contacts, or entire device without actually unlocking the smartphone.

The new exploit however does require a very particular set of circumstances. For one, Siri should be enabled on the lock screen which helps you gain access to Photos and Contacts without unlocking the device. The attacker should have an extra iPhone to help in gaining access to Photos and Contacts on the locked iPhone.

To begin with, Miguel asks Siri on the locked iPhone "Who am I" on which Siri responds with the details of the user. Once the contact number is available, Miguel does a FaceTime from another iPhone to the iPhone which is locked. From the FaceTime call screen, he chooses Messages on which few message options appear including a custom message option. After the Message app launches, Miguel turns on the VoiceOver option via Siri.

Advertisement

For next few steps, the timing of screen tap is crucial and users may not succeed in just first few attempts. Miguel explains that user has to double tap on the contact info bar while on Message page, and at the same time hold the second tap on the bar. At the same point, user will have to click on the keyboard which should start the exploit. After the exploit works, users should get the text field for contacts after which users can type letters to gain access to contacts stored on the iPhone via the "i" info button located next to the contact. It's worth noting that the iPhone remains locked during the entire exploit. A lock icon is visible on the status bar, indicating the locked status of the phone.

Despite the phone being locked, apart from gaining access to contacts via the Message interface, users can also gain access to photos on the iPhone. For gaining access to Photos, users will have to tap on the "Create new account" option seen inside the Contacts. Once the process to add the new contact begins, users can tap on the "Add photo" to the contact option and the phone offers options to either "Choose Photo" or "Take Photo." On tapping the Choose Photo option, the user can gain access to the Photos stored in the device. We tried using the exploit on an iPhone 6s and we succeeded gaining access to Contacts and Photos.

Advertisement

Apple Insider points out that the new exploit can be done on the iPhone SE, iPhone 6 Plus and iPhone 6s Plus running iOS 10.2 and above. Though, another YouTube channel has claimed that the new exploit can be used to gain access on any iPhone running iOS 8.0 and above.

Apple is yet to comment on the exploit but till then we would recommend users to disable Siri on the lock screen to make it impossible for attackers to gain access, even if the device is locked.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Siri, Mobiles, iPhones, Apple, iOS 10
Advertisement

Related Stories

Popular Mobile Brands
  1. Samsung Galaxy S24 FE Gets a Price Cut on Amazon: See Offer
  2. iPhone 16 Pro, iPhone 16 Pro Max Price Discounted on Flipkart: See Offers
  3. Samsung Galaxy Buds Core Listed Online, Revealing Design, Specifications
  1. Yugi Tamil Movie Now Streaming on Aha: A Gritty Tale of Crime, Surrogacy, and Revenge
  2. Lovely Now Available on Amazon Prime Video: What You Need to Know About Malayalam Fantasy Drama
  3. The Hunt- The Rajiv Gandhi Assassination Case OTT Release Date Revealed
  4. Salakaar OTT Release: When and Where to Watch Mouni Roy Starrer Spy Thriller Online?
  5. Samsung Galaxy S24 FE Gets a Price Cut on Amazon: See Offer
  6. Samsung Galaxy Buds Core Listed on Company Site; Design, Specifications Revealed
  7. iPhone 18 Pro Series Tipped to Get Hole-Punch Selfie Camera, Hidden Face ID System
  8. iPhone 16 Pro, iPhone 16 Pro Max Available at Discounted Prices on Flipkart: See Offers
  9. Oppo Reno 14 5G Series Global Launch Date Announced; Amazon, Flipkart Tease Online Availability in India
  10. Gigabyte Aorus Master 16 AI PC With Intel Core Ultra 9 Chip, Up to GeForce RTX 5080 GPU Launched in India
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.