On New Year’s Day, a brute force hacking tool was released with the name of “iDict” that could penetrate into several iCloud accounts that were registered with weak passwords. The hacking tool used the security weakness in Apple’s iCloud servers to repeatedly guess the passwords until the right match is found. Apple fixed the issue by locking iCloud serves on January 2 so as to avoid unauthorized access to any user account.

iDict tool was developed by Prox13 who revealed that there was an obvious flaw in Apple’s iCloud which could be easily used to bypass security systems like passwords, security questions, and even the two-factor authentication.

iDict hacked user accounts by running through a long list of commonly used passwords until it hits the right one. Apple now blocks these “brute force attacks”, but the weakness was exposed in the security measures of iCloud.

It appears that Apple acted just in the nick of time to patch the security loophole. This is not the first time the security measures of iCloud are challenged. Earlier in August 2014, a group of hackers breached all security barriers to get personal photos from a lot of profiles. Hundreds of naked photographs were leaked online. After that incident, Tim Cook promised that he will take measures to strengthen the security of iCloud servers by including alerts and using two-factor authentication. However, the recent hacking attempt suggests that Apple needs to beef up security of iCloud even more.