December 30, 2024
Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Posted March 16, 2018 at 3:29am by iClarified
Photos have surfaced of a mysterious 'GrayKey' device that can reveal your iPhone passcode to law enforcement agencies in just a few hours.

News of the device, which claims to be able to unlock pretty much any modern iPhone, first surfaced a couple weeks ago. Forbes reported that various police and forensics groups were offered access to the unlocking tool. For $15,000 the device permits 300 uses in an online mode requiring constant connectivity. For $30,000, the device works offline with unlimited uses. The GrayKey box is being sold by Greyshift, a company which appears to be run by an ex-Apple security engineer and long-time U.S. intelligence agency contractors.

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]


Today, MalwareBytes posted the first photo of the device along with an explanation of how it's used. The device itself is about 4"x4"x2" with two Lightning cables sticking out of the front.

Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Once the device is unlocked, the full contents of its filesystem are downloaded to the GrayKey device. From there, they can be accessed via a web interface on a connected computer and downloaded for further analysis. The full unencrypted contents of the keychain can also be downloaded.


Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Since Grayshift is allowing agencies to purchase an offline model of the device, it's just a matter of time until it falls into the wrong hands, if it hasn't already. This is a major security concern for all iOS users as it renders most passcodes useless.

Apple has yet to comment on the device. Presumably, if it gets a hold of the GrayKey box, the vulnerability could be patched with a software update. Please follow iClarified on Twitter, Facebook, or RSS for further developments.

Read More


Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (20)
You must login or register to add a comment...
lekdon234
lekdon234 - March 19, 2018 at 11:46am
to me its very wrong for this ideas,reason is this the thieves out there will now start stealing our iphones more and more which is unfair. so think twice.....
shane o MAc
shane o MAc - March 19, 2018 at 10:23pm
yeah until someone you love dies and you cant get their information, plus theres apple icloud locks.
Evas10n
Evas10n - March 17, 2018 at 9:13pm
I can see a court case coming with this.
Evas10n
Evas10n - March 17, 2018 at 9:10pm
What if, upon setting phone up you click on don’t use passcode but stick with face id only?
None45
None45 - March 16, 2018 at 10:32pm
I want one. Jokes aside, if you ha e something to hide stop using 4-6 digit passwords. Used a Alphabetical, Numerical and symbolic Password that’s 10 characters at minimum. It will take that thing years to crack. Alright, who has one for $40k ready to spend some money.
Kornmehl
Kornmehl - March 16, 2018 at 8:25pm
Is there any proof that this is true and not just an elaborate hoax?
?
? - March 16, 2018 at 2:00pm
Sarcasm?
BeSafePeople
BeSafePeople - March 16, 2018 at 10:16am
When you Change Passcode, tap on Passcode Options and choose Custom Alphanumeric Code and use 6-8 long alphanumeric characters as your passcode. Use different passcode for iCloud and your iPhone.
why?
why? - March 16, 2018 at 11:32am
It can still crack the code, it will just take longer.
tomheuod
tomheuod - March 16, 2018 at 10:06am
Probably in offline mode the device can be rendered useless by apple via software update on the phones (which takes time to propagate), but in online mode the device can be updated too. let the race begin!
Kendall Jenner
Kendall Jenner - March 16, 2018 at 10:04am
Law enforcement uses this? I would think criminals with stolen iDevices would use it. What happened to the 4th Amendment? Make sure you set the option to wipe after 10 failed pins...
that
that - March 16, 2018 at 11:31am
This doesn't keep trying different codes, this cracks the phone.
Camfella
Camfella - March 16, 2018 at 6:18am
Something doesn’t seem right about an ex employee using his knowledge of the hardware to turn around and screw the employer?
waheb09
waheb09 - March 16, 2018 at 5:33am
For 15000 !! I'll take 2 and I'll give them the iphone and the passcode and a signed naked picture of me, now how about that for a deal! Huh
Joseph
Joseph - March 16, 2018 at 4:54am
“Vulnerability”. This is obviously the wrong word choice as this guy was claimed to be an ex Apple security engineer and also a government contractor. This was a built entrance by someone who understands/ built the component being used.
komo
komo - March 16, 2018 at 4:14am
what about faceid ?
this
this - March 16, 2018 at 11:29am
The phone still has a passcode.
gamerscul9870
gamerscul9870 - March 16, 2018 at 3:48am
Guess their will never be a next time since that one time in 2015 where the guy needed to unlock his iPhone for evidence within it but refused to and was held hostage until then.
curtixman
curtixman - March 16, 2018 at 3:43am
Guess now we know why the FBI stopped crying
The Watcher
The Watcher - March 16, 2018 at 3:41am
Build a better mousetrap, they build a better mouse...
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS