Grayshift Explained

Grayshift is an American mobile device forensics company which makes a device named GrayKey to crack iPhones, iPads, and Android devices. In 2023, it merged with the Canadian firm Magnet Forensics.^[1]

Grayshift was co-founded by David Miles, Braden Thomas, Justin Fisher and Sean Larsson.^[2] The company is funded by private investors PeakEquity Partners and C&B Capital.^{[3] [4]} As of 2023, it was majority controlled by investment firm Thoma Bravo.^[5]

Grayshift was founded in 2016, and as of 2018 was a privately held company based in Atlanta, Georgia, with less than 50 employees.^[6] In 2017, rumors started to circulate that it had created a device able to unlock iPhones, following the Apple–FBI encryption dispute where US law enforcement agencies unsuccessfully tried to compel Apple to write software that would enable the government bypass these devices' security and unlock the phones.

The GrayKey product has been used by the FBI and U.S., British and Canadian local police forces.^{[7] [8] [9] [10] [11] [12]} In 2022, the company stated that GrayKey was being used "by thousands of law enforcement and government defense agencies across 30 countries worldwide, including France, United Kingdom, Germany, Sweden, Spain, and Italy".^[13]

According to media reports, GrayKey costs US$15,000 to US$30,000 per copy depending on the functional options chosen.^[14] As of 2018, the device consisted of a gray box, 4 inches by 4 inches by 2 inches in size, with two Lightning cables. In 2022, photos of the "GrayKey 2.0" device were revealed in an FCC filing.^[15]

The GrayKey reportedly provides support for iPhones running iOS 9 and later.^[16] Around 2019, Apple modified iOS so that external device connections must be authorized by the iPhone owner after it has been unlocked.^[17] On newer iPhone models, only unencrypted files and some metadata might be extracted. With earlier models, full data extraction, such as decrypting encrypted files, is possible.^[18] As of 2021, GrayKey was able to perform successful brute-force attack against iOS devices in some situations, with Grayshift being "constantly in a cat-and-mouse game with Apple", which continually works to fix the security exploits used by GrayKey.^[19] In 2022, Motherboard concluded that "while it’s unclear exactly how it achieves it, GrayKey bruteforces the iPhone or Android phone’s passcode and unlocks it—essentially hacking the phone—allowing customers to access and extract data from the phones."

In 2018, hackers obtained the GrayKey source code, and attempted to extort a payment of 2 bitcoins from Grayshift after leaking "small chunks of code".^{[20] [21]}

GrayKey with Android support was released in early 2021.^[22] According to a March 2024 announcement, Graykey has "full support" for iOS 17 devices, Samsung's Galaxy S24 smartphones, and Google's Pixel 6 and Pixel 7 devices.

In 2023, it was announced that Grayshift would merge with the Canadian firm Magnet Forensics, following the latter's acquisition for $1.35 billion by investment firm Thoma Bravo, which also owned the majority of Grayshift at the time. The merger was completed later the same year.^[1]

External links

• • 2022 FCC filing with photos of the GrayKey device

Notes and References

1. https://www.cbc.ca/news/canada/ottawa/federal-canada-government-department-privacy-1.7041255
2. Web site: Leadership . 2021-01-04 .
3. Web site: Investors and Advisors . 2021-01-04 .
4. Web site: Grayshift, The Startup That Breaks Into iPhones For The Feds, Raises $47 Million . . 2021-01-04 . 2020-10-26 .
5. Web site: 2023-01-23 . Magnet Forensics to Merge With Grayshift After $1.35B Buyout . 2024-07-17 . GovTech . en.
6. Web site: Reed . Thomas . 2018-03-14 . GrayKey iPhone unlocker poses serious security concerns Malwarebytes Labs . 2024-07-17 . . en.
7. Web site: Report: The FBI recently unlocked an iPhone 11 Pro with GrayKey, raising more doubts about the Pensacola case. Miller. Chance. 2020-01-16. 9to5Mac. en-US. 2020-01-16.
8. Web site: Mysterious $15,000 'GrayKey' Promises To Unlock iPhone X For The Feds. Fox-Brewster. Thomas. March 5, 2018. Forbes. en. 2020-01-16.
9. UK police are buying top secret hacking tech to break into iPhones. Burgess. Matt. 2018-10-19. Wired UK. 2020-01-16. 1357-0978.
10. Web site: Cops Around the Country Can Now Unlock iPhones, Records Show. Cox. Joseph. 2018-04-12. . en. 2020-01-16.
11. Web site: Waterloo Regional Police have a device that can crack locked phones . 2021-01-04 . 2021-01-03 . en .
12. Web site: More questions than answers as Guelph Police confirm ownership of controversial forensic tool . 2021-01-04 . 2020-12-02 .
13. Grayshift . Grayshift Announces Office in France and Continues to Invest in European Growth . 2022-07-12 . www.prnewswire.com . en.
14. News: The Police Can Probably Break Into Your Phone . The New York Times . 2021-01-04 . 2020-10-21 . Nicas . Jack .
15. Web site: Franceschi-Bicchierai . Lorenzo . 2022-09-30 . This Is the 'GrayKey 2.0,' the Tool Cops Use to Hack Phones . 2024-07-17 . Vice . en.
16. Web site: FBI got data from a locked iPhone 11 using GrayKey: how does this tool work?. 22 January 2020. 2021-01-04.
17. Web site: 2019-09-27 . USB Restricted Mode in iOS 13: Apple vs. GrayKey, Round Two . 2024-07-17 . ElcomSoft blog . en-US.
18. Fukami . Aya . Stoykova . Radina . Geradts . Zeno . 2021-09-01 . A new model for forensic data extraction from encrypted mobile devices . Forensic Science International: Digital Investigation . 38 . 301169 . 10.1016/j.fsidi.2021.301169 . 2666-2817. free .
19. Web site: Cox . Joseph . 2021-06-22 . Instructions Show How Cops Use GrayKey to Brute Force iPhones . 2024-07-17 . Vice . en.
20. Web site: Look, a GrayKey interface on the internet! . 2021-01-04 . 2018-05-25 .
21. Web site: Hackers Leaked The Code Of iPhone Cracking Device "GrayKey", Attempted Extortion . 2021-01-04 . 2018-05-24 .
22. Web site: Grayshift Introduces Android Support on GrayKey. 2021-05-25. Grayshift. en.