Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Others New iPhone Passcode Bypass Discovered Hours After Apple Releases iOS 12.1

New iPhone Passcode Bypass Discovered Hours After Apple Releases iOS 12.1

Friday, November 02, 2018




Piling right over the lock screen bugs that Apple has grappled with over the years, Apple’s recent edition, iOS 12.1 joined the stack as it barely breathed into the existence and an iPhone enthusiast, Jose Rodriguez worked his way to finding a passcode bypass hack which can be exploited to enable anyone to see all contacts’ personal information on a locked iPhone.

After being diligently tested, it has been confirmed that the exploit works on iOS 12. The attack’s modus operandi is similar to the previous version’s (12.0.1) update which allowed criminals to steal pictures from a device as it also requires physical access to the iPhone.

Referenced from Josh’s conversation with The Hacker News,

“In a passcode-locked iPhone with latest iOS released today Tuesday, you receive a phone call, or you ask Siri make a phone call (can be digit by digit), and, by changing the call to Facetime you can access to the contact list while adding more people to the Group Facetime, and by doing 3D Touch on each contact you can see more contact information,”

In an attempt to dissect the functioning of the latest iPhone hack which seemingly ranks higher in the ease of execution than his previous findings, the Spanish security researcher shared a video demonstrating the bug with The Hacker News. Below is the link to the same.

https://youtu.be/ojigFgwrtKs


Step By Step Execution of New iPhone Passcode Bypass Attack:

  • ·       Call the framed iPhone from some other iPhone (In case you don’t know the number of the target, you can ask Siri “who I am,” or Siri can be asked to make a call to your number digit by digit), or you can use Siri to call on your iPhone.
  • ·       The moment the call gets connected, start the “Facetime” video call from the same screen.
  • ·       Then reach the bottom right menu and select “Add Person.”
  • ·       Now touch the plus icon (+) to access the entire contact list of the framed iPhone, and by doing 3D Touch on each contact, more information can be accessed.   


As Apple’s Facetime is the primary component in the attacker’s arsenal to set the attack, the hack can only be executed when the devices engaged are both iPhones.

Notably, the latest passcode bypass method is working on all the iPhone models which includes iPhone X and XS as they are all running on iOS 12.1 which is the latest operating system offered by Apple.


With no short-term solution or quick fix being in the sight, the users are advised to wait until Apple devises a solution and subsequently issues an update to tackle this new iPhone passcode bypass bug.


Share it: