Hackers Just Released A Tool That Could Threaten Everyone's iCloud Account
A hacker has released a tool that he says can break into any iCloud account.
The tool, iDict, uses an exploit in Apple's security to bypass restrictions that stop most hackers from gaining access to accounts.
On iDict's GitHub page, user "Pr0x13" says the exploit used to create the hacking tool is "painfully obvious" and that it "was only a matter of time" before hackers used it to break into iCloud accounts.
The tool is described as a "100% working iCloud Apple ID dictionary attack that bypasses account lockout restrictions and secondary authentication on any account."
There's no confirmation that iDict is indeed a working exploit, but users on Twitter and Reddit are claiming to have tested the tool and found it to work as described.
Here's what the iDict tool looks like when in use:
Apple has multiple ways to stop hackers from breaking into its online iCloud service. First off, it stops people from guessing passwords over and over again by blocking "brute force" attacks. Apple also lets people verify login attempts using their cellphone through two-factor authentication. But iDict purportedly bypasses those security steps.
If iDict does work as described, there's very little people can do to keep their account secure. The tool does require its users to know the email address associated with an iCloud account before it tries to hack into it. One way to make an iCloud account more secure is to use an email address that hasn't been shared online.
Meanwhile, questions are being raised why as to the hacking tool was released online at all. When security researchers uncover exploits in software or websites, they often privately report them to companies to avoid widespread use of security holes by hackers.
ICloud was the online service that hackers broke into last year to leak naked photographs of hundreds of celebrities online. Stars like Jennifer Lawrence and Kate Upton had their accounts broken into when hackers managed to bypass Apple's security-question system. The company later rolled out improved security aimed at stopping hackers from accessing accounts.
We reached out to Apple for comment on this story and will update if we hear back.
NOW WATCH: YouTube Superstar Bethany Mota Reveals Her 4 Favorite YouTube Channels
- Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
- I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
- An Ambani disruption in OTT: At just ₹1 per day, you can now enjoy ad-free content on JioCinema
- In second consecutive week of decline, forex kitty drops $2.28 bn to $640.33 bn
- SBI Life Q4 profit rises 4% to ₹811 crore
- IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
- COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study
- India legend Yuvraj Singh named ICC Men's T20 World Cup 2024 ambassador