Elcomsoft

Four 'Elcomsoft' stories September 2014 - December 2019

Email usernames and passwords can be extracted from locked iPhones on iOS 13.3

Ben Lovejoy Dec 20 2019 - 6:30 am PT

Elcomsoft can access some data from locked iPhones

Elcomsoft, a company which sells tools to law enforcement agencies to access locked iPhones, says that it is now able to extract some data from devices running any version of iOS from 12.0 to 13.3.

It relies on the checkm8 exploit of a vulnerability present in most A-series chips, which made possible the Checkra1n jailbreak.

Crucially, Elcomsoft says that the $1,495 tool works even when the iPhone is in its most secure state, known as BFU…

Expand
Expanding
Close

Here’s why people are saying iCloud is secretly storing your ‘deleted’ Safari history

Jordan Kahn Feb 9 2017 - 10:40 am PT

0 Comments

icloud-safari-clear-history A report shared earlier today by Elcomsoft’s CEO Vladimir Katalov claimed your iCloud account may have been storing more Safari history than it should, pointing to a database of “deleted” browsing history that could be extracted in plain text to reveal URLs. But the data is outdated and we’ve learned from sources that the problem has been fixed for the majority of users for almost a year and for the rest quickly after the issue was discovered.

The data that Apple does store is kept for good reason…
Expand
Expanding
Close

Phone Breaker iCloud-hacking software now supports 2FA, allows access to WhatsApp & iWork files

Ben Lovejoy Dec 18 2014 - 5:46 am PT

5 Comments

icloud-hack

Elcomsoft’s Phone Breaker software, used by law enforcement agencies but also thought to have been used by iCloud hackers to access celebrity nudes, has been updated to support accounts using two-factor authentication, reports MacWorld. It can also now access WhatsApp message files and iWork documents.

It’s not as scary as it sounds – the software can only be used once the attacker already has an Apple ID and password, together with either a second trusted device or your recovery key. A phishing attack is the most common way to obtain these, so as long as you use strong, unique passwords and don’t click on links in emails claiming to be from Apple, you should be safe. But it does allow users of the software to download either entire iPhone backups or selected data direct from iCloud much more easily than having to go through a compromised device by hand.

The more security-conscious will, though, want to heed Apple’s advice not to store your account recovery code on any of your devices: the software can automatically scan both your Mac and any external drives for these.

If you don’t yet have a recovery code for your Apple ID, do get one: even an unsuccessful hack attempt can lock you out of your account, and without a recovery key, there’s no way back in.

Via Engadget

Metadata analysis of leaked photos suggest complete iPhone backups obtained

Ben Lovejoy Sep 3 2014 - 4:48 am PT

20 Comments

eppb

A forensics consult and security researcher who analyzed metadata from leaked photos of Kate Upton said that the photos appear to have been obtained using software intended for use by law enforcement officials, reports Wired. The software, Elcomsoft Phone Password Breaker (EPPB), allows users to download a complete backup of all data on an iPhone once the iCloud ID and password have been obtained.

If a hacker can obtain a user’s iCloud username and password with iBrute, he or she can log in to the victim’s iCloud.com account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages …

Expand
Expanding
Close