Apple is well-known for its maniacal approach to security, but it turns out not even the Cupertino heavyweight is safe from breaches: Popular YouTuber EverythingApplePro has stumbled upon a miniature hacking device that can crack the passcode of any iPhone 7 handset.
The device has a fairly compact size, but what is even more impressive is that, thanks to its three USB ports, it has the capacity to brute-force passcodes on three devices at the same time.
To pull this off, EverythingApplePro says the creators of the tool exploited a loophole in the phone’s data recovery state that allows users to enter as many password attempts as they need.
The vulnerability puts at risk all iPhone 7 and 7+ models running any version of iOS between 10.3.3 and 11 Beta, according to the YouTuber.
In case your phone is running an older version of iOS, the attackers will have to import the iOS 10.3.3 firmware to your phone to brute-force it. And here is the scary part: While you would usually need to enter your passcode to update, the gadget comes with a software that automatically bypasses this step.
Even so, the device could still require up to a few days to crack your phone, depending on the complexity of your passcode.
You can watch the exploit in action in the video below:
EverythingApplePro has brought to light several other glitches in iOS and the iPhone in the past, but none as jarring as this one. His previous finds include this 3-second video that could brick any iPhone or iPad as well as this malicious text that could crash any device running iOS 10.
The good thing is that, following his videos, Apple has always been rather quick to eliminate the exposed issues. So chances are security engineers in Cupertino are already working on a fix.
Given how vehemently Apple refused to comply with the FBI’s requests to hand over the secret to unlocking an iPhone handset during the infamous San Bernardino case, it is truly wild to consider that someone is selling a $500 solution to a problem the FBI ended up wasting millions on.
There is a reason iOS exploits are worth millions, after all.