Share:

GrayKey Raises Security Concerns with Pocket-Sized iPhone Unlocking Device

Share:

A product made by Cellebrite competitor GrayKey is raising security concerns over a standalone device capable of unlocking iPhones.

A new report from Malwarebytes has shared photos and additional information about the product, which is designed for law enforcement officials. Created by a company called Grayshift, GrayKey is a small, portable gray box equipped with dual Lightning cables.

While Cellebrite requires law enforcement agencies to submit the device for unlocking, the new product is sold directly to law enforcement and can be used at will in both the form of a geo-locked $15,000 USD device which requires an internet connection and an unlocked $30,000 device that can be used anywhere and offline.

Two iPhones can be connected to the device at once, reads the report. Once plugged in, GrayKey installs proprietor software that guesses an iPhone’s passcode. For a short, four-digit passcode, the box takes as little as a couple hours to unlock it. For longer, six-digit passcode, the process can take several days.

Once it guesses the passcode, it’s displayed directly on the iPhone’s display. Once unlocked, GrayKey can access all of the device’s unencrypted data — which can be then be downloaded to a computer.

The report suspects that, like the better-known Cellebrite unlocking tools, GrayKey uses one or more zero-day flaws in iOS to brute-force unlock the handsets. From there, law enforcement can use a browser to view the contents of the handset and its keychain.

The device can apparently unlock most Lightning-equipped iPhone devices running newer versions of iOS. Based on the pictures obtained by the security firm, the device is confirmed to be able to unlock an iPhone X running iOS 11.2.5.

The problem arises when the device, a 4x4x2-inch box, is stolen from police or otherwise put into the wrong hands. In particular, the more expensive “offline” model that runs with nothing more than a hardware token for authentication.

“Once off-site, it would continue to work,” reads the report. “Such a device could fetch a high price on the black market, giving thieves the ability to unlock and resell stolen phones, as well as access to the high-value data on those phones.”

Share: