Siri-Based iPhone Exploit Reveals Contact Info Without Passcode

Shared publicly on YouTube by iDeviceHelp, a newly discovered iPhone exploit which requires precise timing in conjunction with access to Siri on the lock screen, gives hackers access to contact information, including photos and message logs, without requiring a passcode. The folks over at AppleInsider were able to repeat the steps necessary to invoke the attack on an iPhone SE, an iPhone 6 Plus, and an iPhone 6S Plus, but not on an iPhone 7 or 7 Plus.

Ios siri mac mac os

Here’s how it works:

Attackers with access to the device must call the phone, and start to send a message. After that, assailants instruct Siri to turn on voice over. For the next steps, timing is crucial. Attackers must double-tap the contact info bar, and hold the second tap on the bar, while immediately clicking on a keyboard which may or may not invoke in time for the exploit.

At this point, the attacker can type the first letter of a contact’s name, and then tap info button next to the contact to get information on the contact. The phone remains locked during the entire attack.

Meanwhile, another YouTube channel, EverythingApplePro, claims that the exploit works on any iPhone going back to iOS 8.0, including the new iPhone 7. Although Apple has been notified of the flaw, the only way to prevent the attack is to disable Siri while the phone is locked in the Touch ID & Passcode preferences.

Check out the Siri exploit in action in the following video:

Youtube video

Want to see more of our stories on Google?

Add iPhone in Canada as a Preferred Source on Google

P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!

Subscribe
Notify of
guest
5 Comments
Oldest
Newest Most Voted
einsteinbqat
einsteinbqat
9 years ago

There really are people who spend their lives finding stuff like this…!

Mario Gaucher
Mario Gaucher
9 years ago

If you are really worried that someone will spy on you using this method, you should sell your iPhone and buy a simple dumb phone where you have to manually dial all numbers.
Or you might as well desactivate siri on the lock screen…

Riddlemethis
Riddlemethis
9 years ago

OMG. Who plays with their iPhone like this to have even discovered this flaw.

Erinn Krauss
Erinn Krauss
9 years ago

I saw this thing couple months ago, but the fixed the issue very fast, so no need to worry.

Mario Gaucher
Mario Gaucher
Reply to  Erinn Krauss
9 years ago

you are in fact posting a comment on an article that is a few months old… 😉

5
0
Would love your thoughts, please comment.x
()
x