The GrayKey tool, designed to allow police and other entities to access locked iPhones, has gained a new feature that can capture the device's lock code. This would be achieved by installing malware on the phone before returning it to the suspect.

From brute force to ignorance

GrayKey, a tool developed by the company Grayshift, has been known for a long time. It runs brute-force attacks against the phone's passcode to unlock it and reach the data. Access time varies with passcode complexity. It takes about two hours to access a phone protected with a six-digit code; for a six-digit code the wait is up to three days. Passwords with letters and numbers, even if they are only six characters long, would take years, if not centuries.

Given this situation, Grayshift has developed new software that it has named Hide UI. With this software it is not necessary to attack the passcode by brute force; instead, it is captured when the user enters it.

NBC explains it like this:

Law enforcement officers must install the undercover software and then set the stage to put a seized device back in the suspect’s hands, people familiar with the system said. […] For example, a law enforcement official could tell the suspect that he can call his lawyer or get some phone numbers out of the device. Once the suspect has done this, even if they lock their phone again, Hide UI will have stored the password in a text file that can be extracted the next time the phone connects to the GrayKey device. Law enforcement can use the password to unlock the phone and extract all the data stored on it.

Without a doubt, the practice, as John Gruber comments, relies on the owner's lack of knowledge about the device:

Anyone who trusts their device after knowing it has been in the hands of the police is a fool. You would have to be stupid enough to fall for this, but there are a lot of stupid people out there.

Although police forces are expected to access information only when they have a search warrant, NBC found no search warrant mentioning Hide UI.

Without a doubt, only a very thin line separates access under a search warrant from abuse. Apple has been clear about it: “you cannot create an access only for the good”; the bad will sooner or later find it.

Hide UI, the new Grayshift tool, allows you to extract the code from a locked iPhone