iCloud is not safe again. New tool surpasses the limit again

Although Apple has stepped up password security after the iCloud nude photo scandal and claimed to have fixed the password attempt limit vulnerability, the latest source code uploaded to GitHub shows that a tool seems to have discovered a new vulnerability that can bypass this protection again to brute-force Apple ID. The tool is called iDICT, and its attack principle is nothing more than a simple brute-force method, that is, using a dictionary containing 500 passwords to crack any iCloud account, and these 500 attempts can successfully pass Apple's limit monitoring. This means that if the dictionary happens to contain a password that matches the target account, iCloud will be cracked.

Obviously, the current success rate of this tool is negligible, but don't forget that hackers can generate more complex and larger password dictionaries, so there is still a certain probability that this vulnerability will threaten the security of iCloud accounts again.

With the previous experience, I believe Apple will fix this vulnerability soon. But for now, just in case, users are better off increasing the complexity of their iCloud passwords.

Link to this article: http://www.cocoachina.com/apple/20150104/10820.html