GrayKey From GrayShift
Source: MalwareBytes
  • Apple has successfully patched the most popular password cracking tool used by cops via a patch.
  • There are no details on how the tech giant has managed to close the exploit for good.
  • Users need to be running the latest version of iOS 12 to get access to the new security measure.

GrayKey is a popular passcode cracking tool that is used by cops to break into Apple iPhones of arrested individuals. Developed by Atlanta-based company Grayshift, the tool was designed to break into Apple’s mobile OS, and the developers claimed that it works on all iPhones.

Apple is continuously trying to bolster its security and the company’s move prevents Grayshift from deploying exploits that allow anyone access to iOS devices without explicit permission. Grayshift had secured contracts with Immigration and Customs Enforcement as well as the Secret Service, but it is unknown how things will be handled with the GreyKey tool being blocked out. Apple or Grayshift have not officially commented about the patch.

According to Forbes, sources that are familiar with the technology have revealed that GreyKey can no longer break into iPhones that are running iOS 12 or above. However, any device that is running older versions of iOS can still be broken into. Apple’s upgrade policy for its OS is fairly generous, and most of its devices have received iOS 12, making it very difficult for most iPhones to be jailbroken.

However, it has been reported that the new patched devices can still be exploited by GreyKey with only a partial extraction possible. The extent of the partial extraction is limited to unencrypted files and metadata, but user files that are secured cannot be extracted. The software was known to use brute force methods to guess passwords and worked around Apple’s security by repeatedly guessing passcodes. However, with the latest version of iOS, it no longer works.

Police officer Captain John Sherwin of the Rochester Police Department in Minnesota stated “Give it time, and I am sure a ‘workaround’ will be developed, and then the cycle will repeat. Someone is always building a better mousetrap, whether it’s Apple or someone trying to defeat device security.”

What do you think about the GreyKey exploit being patched in iOS? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.