+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Apple Has Patched A Hole In iCloud That Let Hackers Access Anyone's Account

Jan 5, 2015, 16:28 IST

Apple has fixed a vulnerability in its iCloud service that a hacker used to prove that any account was vulnerable to being hacked into. 

Advertisement

iDict was a hacking tool released online on New Year's Day. It used a hole in Apple's security to repeatedly guess user passwords, allowing hackers to access any account given enough time.

Pr0x13, the person who created the hacking tool, claimed that there was a "painfully obvious" flaw in Apple's iCloud which could be used to bypass security systems like passwords, security questions, and even two-factor authentication (which is the security system using text messages that could have prevented the celebrity iCloud hack).

iDict worked by guessing a user's password by running through a long list of commonly used passwords until it hit upon the right one. Apple blocks these "brute force" attacks, but it seems that there was a hole in its security that iDict exploited.

It looks like Apple acted fast to shut down the hacking tool. iDict was released on New Year's Day, and its creator tweeted on January 2 that people trying to use the service were causing iCloud accounts to be locked for security reasons, preventing hackers from gaining access.

Advertisement

iCloud was criticized in 2014 when hackers used the online service to access the accounts of celebrities like Jennifer Lawrence and Kate Upton. Hundreds of naked photographs leaked online after hackers bypassed Apple's security question system.

After the wave of leaked images of celebrities emerged online, Apple CEO Tim Cook gave an interview where he promised to increase iCloud's security by adding alerts and improving two-factor authentication.

We reached out to Apple for comment on this story and will update if we hear back. 

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article