Hickey said that when an iPhone is plugged in and a hacker sends it passcode guesses using keyboard input (as opposed to typing on the screen), the action triggers an interrupt request that takes precedence over everything else. That means the iPhone would be too busy to erase the device if the attacker sends it one passcode guess after another. As a result, they can guess as many times as they want instead of being limited to 10 guesses.

Hickey said he already reported the vulnerability to Apple, noting that the bug isn't difficult to identify and that there are probably other people who'd already found it before he did. Companies like Cellebrite, which unlocked the San Bernardino shooter's phone for the feds, and GrayKey's maker might even be using a similar brute force technique and taking advantage of the same bug to break into iPhones.

Cupertino might also be already aware of the vulnerability, which is why iOS 12 will feature a Restricted mode that will cut off an iPhone's ability to connect to a USB accessory plugged into it after an hour. Since it takes much more than an hour to send a device every passcode combination possible, the new feature could prevent hackers and cracking devices from force unlocking iPhones.

Check out Hickey's method in action below:

Update: Here's a follow-up tweet from the researcher.