Apple Warned About iCloud Security Flaw in March by Developer

Apple Warned About iCloud Security Flaw in March by Developer

A London-based software engineer had previously alerted Apple to a significant security flaw in iCloud, which could be exploited through a brute-force attack, several months before the platform was linked to a massive leak involving private celebrity photos and videos. According to The Daily Dot, the developer, Ibrahim Balic, had communicated this vulnerability to Apple via email starting in March.

Balic had documented his communications with an Apple representative, showing that he had warned the company about the potential for bypassing the account lockout defenses, which should prevent multiple incorrect password attempts.

Apple Warned About iCloud Security Flaw in March by Developer

Despite these precautions, Balic was able to make over 20,000 password attempts in a short period during his tests. This kind of vulnerability is particularly concerning as it is a common method used by attackers to compromise accounts across various services, which typically have measures to lock an account after numerous failed login attempts.

Apple did respond to Balic’s findings, acknowledging the issue and noting that exploiting this vulnerability would be highly time-consuming.

Balic also went through the proper channels to report the bug formally on Apple’s developer website.

Following the scandal involving the leaks of private celebrity images, Apple made adjustments to its security protocols to address the brute-force attack vulnerability and enhanced its two-factor authentication features. Despite these changes, Apple’s official statements have consistently denied that the leaks were the result of any direct breach of their systems.

Share This Article

Anthony is a dedicated writer for TUAW, bringing readers the latest news and insights about Apple products. With a keen eye for detail, Anthony covers everything from the newest iPhone releases to the latest updates on the MacBook Pro and Apple Watch. His articles are known for their clarity and depth, making complex tech topics accessible to everyone. When he’s not writing, Anthony enjoys exploring new features on his iPad and staying ahead of the curve in the ever-evolving world of Apple technology.