Monthly Archives: March 2018

Mysterious GrayKey – iPhone Unlocking Box

According to MacRumors’s report, news of a previously-unknown iPhone unlocking device called GrayKey surfaced, and today, MalwareBytes shared photos and additional information about the product, which is designed for law enforcement officials.

It is said that GrayKey is a small, portable gray box equipped with dual Lightning cables. Created by a company named Grayshift.

Graykey

Two iPhones can be connected to the GrayKey at once, and need to be connected for about two minutes to install proprietary software that’s designed to guess the passcode for an iPhone. Once the software is installed, it will work to crack the passcode, a process that can take as little as a few hours for a short passcode or several days for a longer six-digit passcode.

graykey pass

Once the GrayKey software has cracked the passcode, it’ll be displayed right on the screen of the iPhone. The iPhone can then be plugged back into the GrayKey to download all of the data on the iPhone, including the unencrypted contents of the Keychain, which can then be accessed using a computer.

graykey ios

Based on screenshots, the GrayKey can crack modern iPhones running modern versions of iOS. It works with the iPhone X and iOS 11.2.5, the version of iOS that was likely available when the screenshots were captured. It probably also works with iOS 11.2.6, unless Apple has managed to block it in the latest operating system update.

graykey iphone x

Grayshift presumably designed the GrayKey for law enforcement professionals, and it’s relatively expensive. A $15,000 option requires internet connectivity and is geofenced to a specific location once set up, while a $30,000 option requires no internet connection and can be used anywhere.

MalwareBytes worries that the portable version of the GrayKey could easily fall into the wrong hands. It uses two-factor authentication, but given that people “often write passwords on stickies and put them on their monitors,” it’s possible the token could be kept in the same location as the device.

How the GrayKey works is not known, but it’s believed to be using some sort of jailbreaking process that could damage iPhones in some way. It’s also not known how the GrayKey device itself is protecting data that’s stored on it, and whether or not the data could be remotely accessed by hackers.

Apple is continually working to fix the kinds of exploits used by devices like the GrayKey, so it’s possible whatever mechanism the box uses will be fixed in a future update. The average iPhone owner likely doesn’t need to worry about the GrayKey, but as MalwareBytes points out, it is troublesome knowing such a device could fall into the hands of malicious entities.

For more information and questions, welcome to leave messages and discuss with us.