iDict used a hole in Apple’s security to repeatedly guess user passwords, allowing hackers to access any account given enough time. Pr0x13 had claimed that the bug was “painfully obvious” and “was only a matter of time” before hackers or cyber criminals found it. Pr014 had stated that the flaw in Apple’s iCloud can be used to bypass security systems like passwords, security questions, and even two-factor authentication. iDict worked by guessing a user’s password by running through a long list of commonly used passwords until it hit upon the right one. Apple blocks these “brute force” attacks, but it seems that there was a hole in its security that iDict exploited. Apple engineers worked overtime to address this flaw by implementing a Rate Limiter. The rate limiter feature now in place, blocks the users who try to access iCloud accounts more than three times. Pr013 also got the message that Apple has patched the hole and took to Twitter. He warned users not to use iDict as that would mean tester getting his/own iCloud being locked.
— ! ? (@pr0x13) January 2, 2015 Apple has been surround with controversy regarding iClouds in 2013 when hackers managed to hack into several Hollywood celebrity iCloud accounts and leak up and personal photos on popular image boarding sites like 4Chan. The leaks forced Apple to implement the 2-Factor authentication on iCloud storage service. It remains to be seen whether somebody exploited the flaw in iCloud in the timeframe of Pr0x13’s release of the tool and Apples patching of iCloud with Rate Limiter.