A developer that is concealed under the name of Pr0x13 has developed a tool that with a brute force attack trying to get iCloud passwords. The tool would work in spite of that Apple has this security built in. In the meantime the problem would already have been fixed.
Apple has not brought out about the vulnerability, but the tool of Pr0x13 would already not work anymore which suggests that the company have fixed the issues. On his Github page, the developer has to code online that initially, the security in iCloud to brute force attacks would have to work around. The author mentions the bug that made it possible was ‘painfully obvious’.
It is unclear whether in the short time that the tool, which the name iDict bears, has worked and there is data of iCloud users are captured. On social-networking sites such as Twitter and Reddit it was reported that iDict works as described, what it is likely that there data was stolen. Now, therefore, reported that the tool just doesn’t work anymore.
With iDict working had users to know which e-mail address in the to hack iCloud account heard of, reports Business Insider. Then try the tool a list of 500 common passwords. For that reason, not every account is vulnerable: if the password used is not on the list can iDict not break. Would the tool easily can be a longer list with possible passwords.
There was already criticism of Apple because of the sensitivity of iCloud brute force attacks. The vulnerability meant that users, unlimited passwords could recommend for iCloud. The bug came out when it turned out that there are photos from the iCloud accounts of American actresses and other celebrities were stolen. Apple took measures, but this could apparently be circumvented.
