Siri-Based iPhone Exploit Reveals Contact Info Without Passcode


Shared publicly on YouTube by iDeviceHelp, a newly discovered iPhone exploit which requires precise timing in conjunction with access to Siri on the lock screen, gives hackers access to contact information, including photos and message logs, without requiring a passcode. The folks over at AppleInsider were able to repeat the steps necessary to invoke the attack on an iPhone SE, an iPhone 6 Plus, and an iPhone 6S Plus, but not on an iPhone 7 or 7 Plus.

Ios siri mac mac os

Here’s how it works:

Attackers with access to the device must call the phone, and start to send a message. After that, assailants instruct Siri to turn on voice over. For the next steps, timing is crucial. Attackers must double-tap the contact info bar, and hold the second tap on the bar, while immediately clicking on a keyboard which may or may not invoke in time for the exploit.

At this point, the attacker can type the first letter of a contact’s name, and then tap info button next to the contact to get information on the contact. The phone remains locked during the entire attack.

Meanwhile, another YouTube channel, EverythingApplePro, claims that the exploit works on any iPhone going back to iOS 8.0, including the new iPhone 7. Although Apple has been notified of the flaw, the only way to prevent the attack is to disable Siri while the phone is locked in the Touch ID & Passcode preferences.

Check out the Siri exploit in action in the following video:


  • einsteinbqat

    There really are people who spend their lives finding stuff like this…!

  • Mario Gaucher

    If you are really worried that someone will spy on you using this method, you should sell your iPhone and buy a simple dumb phone where you have to manually dial all numbers.
    Or you might as well desactivate siri on the lock screen…

  • Riddlemethis

    OMG. Who plays with their iPhone like this to have even discovered this flaw.

  • Erinn Krauss

    I saw this thing couple months ago, but the fixed the issue very fast, so no need to worry.

  • Mario Gaucher

    you are in fact posting a comment on an article that is a few months old… 😉