Archive for the ‘Tips & Tricks’ Category

ElcomSoft Open Letter on Latest Developments in iCloud Security

Wednesday, December 17th, 2014

In light of recent security outbreaks, Apple introduced a number of changes to its security policies. As one of the leading security companies and a major supplier of forensic software for iOS devices, ElcomSoft is being constantly approached by IT security specialists, journalists and forensic experts. The most common question is: how will the new security measures affect iOS forensics? (more…)

Breaking Into iCloud: No Password Required

Tuesday, June 17th, 2014

With little news on physical acquisition of the newer iPhones, we made every effort to explore the alternatives. One of the alternatives to physical acquisition is over-the-air acquisition from Apple iCloud, allowing investigators accessing cloud backups stored in the cloud. While this is old news (we learned to download data from iCloud more than two years ago), this time we have something completely different: access to iCloud backups without a password! The latest release of Phone Password Breaker is all about password-free acquisition of iCloud backups. (more…)

Phone Password Breaker with all-new UI, BlackBerry 10 support, and downloading Windows Phone 8 data from the cloud

Thursday, May 8th, 2014

This time, we are updating our bread-and-butter mobile forensic tool, Elcomsoft Phone Password Breaker, to version 3.0 (beta). This new version has many things that are new or have changed. Let’s see what’s new, and why. (more…)

Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask

Monday, March 31st, 2014

Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Our colleague and friend Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud backups.

iPhone Backups

Mobile phones are everywhere. They are getting increasingly more complex and increasingly more powerful, producing, consuming and storing more information than ever. Today’s smart mobile devices are much more than just phones intended to make and receive calls. Let’s take Apple iPhone. The iPhone handles our mail, plans our appointments, connects us to other people via social networks, takes and shares pictures, and serves as a gaming console, eBook reader, barcode scanner, Web browser, flashlight, pedometer and whatnot. As a result, your typical iPhone handles tons of essential information, keeping the data somewhere in the device. But what if something happens to the iPhone? Or what if nothing happens, but you simply want a newer-and-better model? Restoring the data from a backup would be the simplest way of initializing a new device. But wait… what backup?

Users in general are reluctant to make any sort of backup. They could make a backup copy once after reading an article urging them to back up their data… but that would be it. Apple knows its users, and decided to explore the path yet unbeaten, making backups completely automatic and requiring no user intervention. Two options are available: local backups via iTunes and cloud backups via Apple iCloud.

(more…)

I’ve Got the iTunes Backup from the iCloud. What Shall I Do Now?

Tuesday, September 3rd, 2013

This is the second part of Elcomsoft Phone Password Breaker Enhances iCloud Forensics and Speeds Up Investigations article.

Extracting the content of an iPhone is only half the job. Recovering meaningful information from raw data is yet another matter. The good news is there are plenty of powerful tools providing iOS analytics. The bad news? You’re about to spend a lot of time analyzing the files and documenting the findings. Depending on the purpose of your investigation, your budget and your level of expertise using forensic tools, you may want using one tool or the other. Let’s see what’s available.

(more…)

Elcomsoft Phone Password Breaker Enhances iCloud Forensics and Speeds Up Investigations

Thursday, August 22nd, 2013

It’s been a while since we updated Elcomsoft Phone Password Breaker, dedicating our efforts to physical acquisition of iOS devices instead. Well, now when the new iOS Forensic Toolkit is out, it is time to update our classic phone recovery tool.

The new version of Elcomsoft Phone Password Breaker is released! While you can read an official press-release to get an idea of what’s new and updated, you may as well keep reading this blog post to learn not only what is updated, but also why we did it.

Dedicated to iCloud Forensics

This new release is more or less completely dedicated to enhancing support for remote recovery of iOS devices via iCloud. Why do it this way?

Because iCloud analysis remains one of the most convenient ways to acquire iOS devices. You can read more about iCloud analysis in a previous post here. Let’s see what else is available.

(more…)

The New Elcomsoft iOS Forensic Toolkit

Wednesday, July 17th, 2013

Soon after releasing the updated version of iOS Forensic Toolkit we started receiving questions about the new product. Did we really break iPhone 5? Does it truly work? Are there limitations, and what can you do about them? We decided to assemble all these questions into a small FAQ. If you’d rather read the full, more technical version of this FAQ, visit the following page instead: Elcomsoft iOS Forensic Toolkit FAQ. Those with non-technical background please read along.

(more…)

iCloud backups inside out

Monday, February 25th, 2013

It’s been a while since we released the new version of Elcomsoft Phone Password Breaker that allows downloading backups from iCloud (read the press release). Many customers all over the world are already using this new feature intensively, but we still get many questions about its benefits, examples of cases when it can be used and how to use it properly. We also noticed many ironic comments in different forums (mostly from users without any experience in using iOS devices and so have no idea what iCloud backups actually are, I guess), saying that there is nothing really new or interesting there, because anyone with Apple ID and password can access the data stored in iCloud backup anyway.

Well, it seems some further explanation is needed. If you are already using EPPB (and this feature in particular) you will find some useful tips for future interaction with iCloud, or even if you don’t have an iOS device (you loser! just kidding :)) please go ahead and learn how iCloud can be helpful and dangerous at the same time. (more…)

iCloud: Making Users Spy on Themselves

Thursday, February 21st, 2013

Apple iCloud is a popular service providing Apple users the much needed backup storage space. Using the iCloud is so simple and unobtrusive that more than 190 million customers (as of November, 2012) are using the service on regular basis.

Little do they know. The service opens governments a back door for spying on iOS users without them even knowing. ElcomSoft researchers discovered that information stored in the iCloud can be retrieved by anyone without having access to a physical device, provided that the original Apple ID and password are known. The company even built the technology for accessing this information in one of its mobile forensic products, Elcomsoft Phone Password Breaker, allowing investigators accessing backup copies of the phone’s content via iCloud services.

(more…)

Yahoo!, Dropbox and Battle.net Hacked: Stopping the Chain Reaction

Thursday, February 14th, 2013

Major security breaches occur in quick succession one after another. Is it a chain reaction? How do we stop it?

  • January 2012: Zappos hacked, 24 million accounts accessed
  • June 2012: 6.5 Million encrypted LinkedIn passwords leaked online
  • July 2012: 420,000 Formspring passwords compromised in security breach
  • July 2012: Yahoo! Mail hacked
  • August 2012: Dropbox hacked, user accounts database leaked.
  • August 2012: Blizzard Battle.net hacked, user accounts leaked.
  • September 2012: Private BitTorrent tracker hacked, passwords leaked by Afghani hackers
  • September 2012: Over 30,000 usernames and passwords leaked from private torrent tracker RevolutionTT
  • September 2012: IEEE admits password leak, says problem fixed
  • November 2012: Adobe Connect Security Breach Exposes Personal Data of 150K Users
  • November 2012: Security breach hits Amazon.co.uk , 628 user id and password leaked
  • November 2012: Anonymous claims they hacked PayPal’s servers, leaks thousands of passwords online
  • December 2012: 100 million usernames and passwords compromised in a massive hack of multiple popular Chinese Web sites
  • January 2013: Yahoo! Mail hacked (again).
  • February 2013: Twitter breach leaks emails, passwords of 250,000 users
(more…)