Apple blocks tool that brute-forces iCloud passwords<article>
<section class="page">
<p>
Apple has fixed an issue that could have allowed attackers to launch brute-force attacks against iCloud users in order to guess their passwords.</p><p>
The problem came to light after a
proof-of-concept attack tool called iDict was released on GitHub in early January.</p><p>
Developed by a user who uses the online alias Pr0x13, the tool was described as “100% Working iCloud Apple ID Dictionary attack that bypasses Account Lockout restrictions and Secondary Authentication on any account.”</p><p>
It worked by trying out a large number of passwords for the targeted Apple IDs. By default the tool came with a file—also called a dictionary—containing 500 commonly used passwords, but the list could have easily been extended.</p><p class="jumpTag"><a href="/article/2866872/apple-blocks-tool-that-bruteforces-icloud-passwords.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
Apple blocks tool that brute-forces iCloud passwords
