Not long ago, it transcended to the current situation of the sector that a company called Grayshift had software capable of Unlock any iPhone with iOS 10 or iOS 11 . Details on how it violated the Apple security in his smartphones it was a mystery. Now we have some additional details about it, mainly thanks to the publication of a GrayKey photography , the tool in charge of the process.
Since the attempts of the US government to unblock the San Bernardino terrorist’s iPhone in the US were made public, not only has the debate intensified over whether it is moral or not that the manufacturer refuses, or not, to facilitate the measures appropriate to access the private information stored in the terminal. It has also appeared the name of companies -and the one of its software- that promise to be able to offer the necessary methods to overcome the security barriers of the Apple terminals. Among these was Grayshift.
New details about Grayshift
At MovilZona we also echoed the promises of this company, which emerged shortly after the appearance on the scene of Cellebrite . It indicated that it had a tool capable of Unlock any iPhone with iOS 11 , including new models, both iPhone 8 and iPhone X.
At that time, no more details were provided than the two modalities to obtain the tool. One more “economic” for $ 15,000, with certain limitations, and another for $ 30,000, this one able to unlock an unlimited number of iPhones.
Now, thanks to a report prepared by MalwareBytes we know some more details about Grayshift and its “promising” tool.
GrayKey, the key to access any iPhone
It turns out that this miraculous gateway to any iPhone is a small box with two Lightning sockets, as illustrated in the photograph.
This box – called GrayKey – is in charge of injecting software to the iPhone in question. It only requires a time lapse of just over two minutes. Enough time for the software to run on the iPhone and it starts working instantly. Depending on the length of the PIN or password used by the user, that software is able to find the password in two hours or up to four or five days.
The password is automatically displayed on the iPhone screen, as illustrated by the screenshots found in the MalwareBytes security report. Also, the GrayKey box allows you to make a copy of all the content of the iPhone after being connected back to one of the pins in the box.
A risk to Apple’s security
The reason for the publication of the MalwareBytes report it is none other than the exposure of the possible risks involved in the commercialization of this type of instrument. And, as the report details, there is no precision about the type of GrayShift customers.
At first it was said that it was a service offered to the government intelligence services. However, the report reveals the risk that this tool may have on the black market. It would become a way for the theft of iPhones to be a round business.
Likewise, MalwareBytes points to a possible reverse engineering action on the GrayKey software. In this way, once discovered the mechanism of action of the software, it would be possible that alternative models or copies of lower cost were created and sold, again with the consequent risk that supposes.