|
Title: Apple blocks tool that brute-forces iCloud passwords Post by: HCK on January 09, 2015, 09:00:18 am Apple blocks tool that brute-forces iCloud passwords
<article> <section class="page"> <p> Apple has fixed an issue that could have allowed attackers to launch brute-force attacks against iCloud users in order to guess their passwords.</p><p> The problem came to light after a proof-of-concept attack tool called iDict (https://github.com/Pr0x13/iDict) was released on GitHub in early January.</p><p> Developed by a user who uses the online alias Pr0x13, the tool was described as “100% Working iCloud Apple ID Dictionary attack that bypasses Account Lockout restrictions and Secondary Authentication on any account.”</p><p> It worked by trying out a large number of passwords for the targeted Apple IDs. By default the tool came with a file—also called a dictionary—containing 500 commonly used passwords, but the list could have easily been extended.</p><p class="jumpTag"><a href="/article/2866872/apple-blocks-tool-that-bruteforces-icloud-passwords.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Apple blocks tool that brute-forces iCloud passwords (http://www.macworld.com/article/2866872/apple-blocks-tool-that-bruteforces-icloud-passwords.html#tk.rss_all) |