iPhone 5S Fingerprint Hack Can Take Over Apple Accounts

A recently discovered iPhone 5S fingerprint hack allows 3rd party users to take over a users Apple account.

German security firm SRL recently discovered that an image of a fingerprint is enough to successfully unlock a users device and perform identity theft.

In a blog post on the SLR website the company writes:

“Users leave copies of their fingerprints everywhere; including on the devices they protect. Fingerprints are not fit for secure local user authentication as long as spoofs (‘fake fingers’) can be produced from these pervasive copies.”

The iPhone 5S fingerprint hack is fairly simple to accomplish. First, a thief would need to turn on the devices Airplane Mode. If a users hasn’t changed the phones default setting they can access Airplane Mode via the Control Center on the lock screen. With wireless connections disabled an iPhone 5S owner can’t perform a remote wipe.

Hackers must then obtain a persons fingerprint and take a picture of that print. Because many users leave fingerprints directly on their iPhone 5S they are not all that hard to obtain.

In a posted video (shown above) the team demonstrates how to create a fake fingerprint on a laminated sheet and then attach it to one of their fingers.

If a user has not turned on two-factor authentication for their Apple account the hacker can then gain access to that account. With access to the device the hacker could easily check through documents and emails for passwords or request password reset options from Apple.

Users who want to avoid this type of iPhone 5S Fingerprint hack are told to initialize two-factor authentication and remotely wipe their devices the moment they are stolen.