New Tool iDict Can Apparently Hack Any iCloud Account, Here’s How It Works

Apple’s security has been under the microscope on more than one occasion in recent times, none more high profile than the widespread leak of celebrity private images back in late August of last year. But at that time, Apple stepped out and dispelled any notion of responsibility, claiming that those stung were hit due to the frailty of their passwords and lack of two-step verification, and with a new iCloud-based hack having emerged over the past few hours, it seems that those with weak password combos are once again susceptible.

The importance of using robust combination for a password, but utilizing an assortment of alphanumerical characters and symbols, is still lost on many, and the blasé attitude to security in general allows even the most basic of hacks to affect many. Case in point, a new iCloud hack that poses as a legitimate app, called ‘iDict’, it’s incredibly simple in how it goes about its business, breaking through accounts with obvious passwords by trying out the 500 combinations included, and if you’re an iCloud user with a weak password, there’s a decent chance that iDict would catch you out as well.

iCloud main

Once again, if ever a reminder was needed, this incident underlines the importance of using a decent password. It also highlights a rather glaring oversight on Apple’s part, in that users can try a password multiple times without being locked out. This point was made previously with aforementioned celebrity leaks, and while users were essentially blamed on that occasion, it’s clear that the Cupertino company could do more to protect and preserve the security of its users.

The fact that a simple, brute force attack could undermine the entire iCloud infrastructure, or at least, those with weaker passwords, should prompt Apple into some kind of action, although whether it will or not remains to be seen.

screen-shot-2015-01-02-at-14-13-12

For now, though, if you don’t want to encounter any nasty surprises, be sure to pick a password that is not only strong and impossible to guess, but one that you do not use on another site. In the wrong hands, a hack like iDict could easily gain access to your Apple account, so always be sure to use two factor verification wherever possible.

(via: 9to5Mac)

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the web.