How Can the Authorities and Police Hack Into Locked iPhones?



There is no doubt that the iPhone is one of the most (if not the most) secure smartphones in the world, but that does not mean that it cannot be hacked.

Unfortunately, there are a few ways anyone can hack into your iPhone and get your data. The bad news is that many law enforcement agencies and police departments have gotten their hands on these methods so they can retrieve information from pretty much everyone.

A good example is the infamous GrayKey device, a small machine that is capable of cracking the password on your iPhone and retrieving all kinds of information.

For the most part, GrayKey has been a bit of a controversial mystery, but recently we’ve found more information on how it works.

Here’s what you need to know.

What is GrayKey?

GrayKey is a hacking device developed by Grayshift, a Atlanta-based company that aims to help government and police.

As Grayshift puts it, GrayKey is “a state-of-the-art forensic access tool that extracts encrypted or inaccessible data from mobile devices.”

What makes GrayKey so popular is that it’s actually one of the best tools for hacking into iPhones and Apple devices. So much so that it has been reported to be used by the police several times.

If you think this makes Android devices more secure, think again. Earlier this year, Grayshift announced that GrayKey would also work with “leading Android mobile devices”, such as the Samsung Galaxy S20 and Samsung Galaxy S9, although we would no longer call the latter a leading Android device.

How does GrayKey work?

Until recently, we did not have many details on how police can use GrayKey to hack into locked iPhones. Grayshift had done a pretty good job of keeping the process to itself. But a recently leaked document shows how GrayKey can use a brute force method to access any iPhone.

These documents were allegedly written by the San Diego Police Department.

According to these documents, when you connect GrayKey to an iPhone, it registers the alphanumeric password and tries to install an agent that will use a text file with over 63 million passwords until it finds the password to unlock the iPhone. This process can take a really long time. According to the leaked document, this process can take up to 183 days to process the entire list. Therefore, we recommend that you stop using these easy-to-guess iPhone passwords.

What’s even cooler – or should we say more creepy – is that the analyst using GrayKey could also install something the leaked documentation calls hideUi, an app that will secretly run on a person’s iPhone and record the user’s password. That way, if the GrayKey analyst can’t hold the iPhone or iPad long enough, they have another way of finding out the suspect’s password.

Apple vs GrayKey

Apple has been something of a cat-and-mouse game with Grayshift. Apple has worked really hard to make the iPhone’s security stronger so GrayKey can not hack it, but Grayshift has always found ways to GrayKey work.

Confidentiality and ensuring that your data remains private has always been one of Apple’s goals, so the company is always looking for ways to lock out GrayKey.

Back in 2018, there was news that Apple apparently managed to “kill” GrayKey as it could no longer hack into the iPhone X. Police Captain John Scherwin of the Rochester Police Department in Minnesota said we should “Give it time, and “I’m sure a solution will be developed and then the cycle will repeat itself. Someone always builds a better mousetrap, whether it’s Apple or someone trying to defeat device security.” And look, he was right.

Although no one knew how Apple did it, Grayshift found a way to keep hacking iPhones and iPads with GrayKey. A recent example is a case in 2019 where the FBI allegedly used GrayKey to gain access to an iPhone 11 Pro when he investigated Baris Ali Koch, who helped his brother escape from the United States.

Will GrayKey ever stop working?

In a word, unlikely. As Captain Scherwin said, there will always be a way for someone to hack into any smart device – there are always solutions. However, Apple may find a way to stop GrayKey from working temporarily. There have been rumors of a portless iPhone coming in the near future. If true, it is possible that GrayKey does not work, as there would be no way to connect it. While this may be more of a temporary solution for Apple, it will be a way for people to keep their data private, even from the government.