Jump to content
Nytro

Hacker Releases New Tool to Brute-Force Attack iCloud Passwords

Recommended Posts

Hacker Releases New Tool to Brute-Force Attack iCloud Passwords

Posted on January 3, 2015 by Waqas

Reports emerged of a new tool claiming the ability to successfully carry out password dictionary attacks on any iCloud account without being detected by Apple’s security. It seems that the vulnerability has just been patched and anyone trying to use this tool is being locked out of repeated password attempts.

Earlier in September, Apple had reported that it had already patched up one hole that allowed brute-force attacks like these.

The tool’s source code, released on GitHub, showed nothing extremely advanced. It just attempts every possible word out of its give 500 word list and tries it out for the password of any iCloud account email. The tool, judging from its source code, does not show that it will succeed at cracking passwords.

Passwords that are not from the 500-word dictionary present in this tool are safe but it still posed a risk as many people do use simple dictionary words as their iCloud passwords. While this tool was crude and unsuccessful, more weathered hackers could develop it and use a much larger word list to use than this one.

Apple appears to have resolved the hack now which simply relied on pretending to be an iPhone device. What is surprising is that fact that Apple allows indefinite requests without turning towards password locking after a certain number of requests for instance.

At the same time this was happening, the Photos app for iCloud has been pulled and it is not yet clear if there is a connection between both stories.

Sursa: http://hackread.com/brute-force-attack-icloud-passwords/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...