Hacking your iCloud files just got easier, even with two-step enabled

Sponsored Links

Steve Dent
December 18, 2014 8:08 AM
Hacking your iCloud files just got easier, even with two-step enabled

An update to Elcomsoft's Phone Breaker software now makes it easier for bad guys to bypass Apple's vaunted new two-factor authentication to steal your iCloud stuff. As before, the hackers would need some information to start with -- either your Apple ID/password plus a two-factor code, or a digital token stolen from, say, your laptop. That would give them access to your account anyway, but here's the kicker: The Phone Breaker app can then create a digital token granting intruders permanent access without a two-step code until you change the password. It also allows someone to view all your iCloud files at a glance, making it easier to pick and choose which to steal. The tool is used legitimately by law enforcement to access lawbreakers' phones, but was also recently implicated in a celebrity phone hack.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
View All Comments
Hacking your iCloud files just got easier, even with two-step enabled