Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Posted by · 23079 views · Translate

Photos have surfaced of a mysterious 'GrayKey' device that can reveal your iPhone passcode to law enforcement agencies in just a few hours.

News of the device, which claims to be able to unlock pretty much any modern iPhone, first surfaced a couple weeks ago. Forbes reported that various police and forensics groups were offered access to the unlocking tool. For $15,000 the device permits 300 uses in an online mode requiring constant connectivity. For $30,000, the device works offline with unlimited uses. The GrayKey box is being sold by Greyshift, a company which appears to be run by an ex-Apple security engineer and long-time U.S. intelligence agency contractors.

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Today, MalwareBytes posted the first photo of the device along with an explanation of how it's used. The device itself is about 4"x4"x2" with two Lightning cables sticking out of the front.

Two iPhones can be connected at one time, and are connected for about two minutes. After that, they are disconnected from the device, but are not yet cracked. Some time later, the phones will display a black screen with the passcode, among other information. The exact length of time varies, taking about two hours in the observations of our source. It can take up to three days or longer for six-digit passcodes, according to Grayshift documents, and the time needed for longer passphrases is not mentioned. Even disabled phones can be unlocked, according to Grayshift.

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Once the device is unlocked, the full contents of its filesystem are downloaded to the GrayKey device. From there, they can be accessed via a web interface on a connected computer and downloaded for further analysis. The full unencrypted contents of the keychain can also be downloaded.

Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

Since Grayshift is allowing agencies to purchase an offline model of the device, it's just a matter of time until it falls into the wrong hands, if it hasn't already. This is a major security concern for all iOS users as it renders most passcodes useless.

Apple has yet to comment on the device. Presumably, if it gets a hold of the GrayKey box, the vulnerability could be patched with a software update. Please follow iClarified on Twitter, Facebook, Google+, or RSS for further developments.

Read More


Mysterious 'GrayKey' Device Reveals Your iPhone Passcode to Law Enforcement [Photos]

lekdon234 - March 19, 2018 at 11:46am
to me its very wrong for this ideas,reason is this the thieves out there will now start stealing our iphones more and more which is unfair. so think twice.....
shane o MAc - March 19, 2018 at 10:23pm
yeah until someone you love dies and you cant get their information, plus theres apple icloud locks.
Evas10n - March 17, 2018 at 9:13pm
I can see a court case coming with this.
Evas10n - March 17, 2018 at 9:10pm
What if, upon setting phone up you click on don’t use passcode but stick with face id only?
Art - March 16, 2018 at 10:32pm
I want one. Jokes aside, if you ha e something to hide stop using 4-6 digit passwords. Used a Alphabetical, Numerical and symbolic Password that’s 10 characters at minimum. It will take that thing years to crack. Alright, who has one for $40k ready to spend some money.
16 More Comments
Recent