ElcomSoft's Phone Forensics Software Offers Near Real-Time Access to iCloud Backups

elcomsoft phone password breakerRussian forensics firm ElcomSoft earlier this week announced that it has discovered a way to easily access iCloud backups of iOS devices, incorporating the functionality into its Elcomsoft Phone Password Breaker software. While the Apple ID and password must be known in order to access the iCloud data, once that information has been obtained the software makes it easy for investigators to download full iCloud backups and then follow incremental backups in near real-time to track a device's use without the knowledge of the user.

ElcomSoft researchers analyzed the communication protocol connecting iPhone users with Apple iCloud, and were able to emulate the correct commands in order to retrieve the content of iOS users’ iCloud storage. It’s important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form . The 5GB of storage space can be retrieved in reasonable time, while receiving incremental updates is even faster.

Obtaining a user's Apple ID password may not always be trivial, but ElcomSoft tools can also be used to capture that information from offline backups stored in iTunes. And of course if the user disables iCloud syncing on its device or changes the Apple ID password, remote access is lost.

ElcomSoft has been at the forefront of development of password-cracking tools, last year incorporating a tool to bypass hardware encryption included in iOS 4. Such tools are increasingly being used by law enforcement to aid their investigations as smartphones become increasingly common and collect a growing amount of information about users and their activity.

ElcomSoft offers several levels of its software, with the most powerful versions restricted to certain governmental agencies, including law enforcement, intelligence services, and other qualified forensic organizations.

Top Rated Comments

Peace Avatar
156 months ago
One more reason not to rely on iCloud backups.

One more reason to question internet laws.
Score: 35 Votes (Like | Disagree)
dustinsc Avatar
156 months ago
I sure hope law enforcement has to have a warrant to use this sort of thing.
Score: 34 Votes (Like | Disagree)
KPOM Avatar
156 months ago
One more reason not to rely on iCloud backups.

More precisely, this is a reason to be a bit suspicious of the cloud in general.

Another security fiasco from Apple putting their users data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.

This is not limited to Apple. While I'm sure that, as a consumer-oriented service, Apple's iCloud is likely less secure than other cloud solutions, don't think that other services are exactly risk-free, either. A lot of enterprises restrict or limit the use of iCloud or Google's cloud services on iOS and Android phones and tablets for this very reason. For instance, as a condition of allowing iPhones and iPads onto our Exchange server, my employer requires us to install a profile that turns off iCloud document sharing.

The cloud is a great convenience, but it brings with it a brand new set of security issues.
Score: 32 Votes (Like | Disagree)
anjinha Avatar
156 months ago
Why aren't you mad at Apple for having such security flaws. This is Apples MO after all. Ignore all security issues until the media blows it up, then point the finger for 2 months, then quietly release a security fix with no explanation.

What security flaws? If someone has my iCloud password they can simply restore an iPhone with my iCloud backup. And if they have physical access to my iTunes backup it means they have my computer which has all the data in iCloud anyway!
Score: 22 Votes (Like | Disagree)
RMo Avatar
156 months ago
One more reason not to rely on iCloud backups.
Score: 19 Votes (Like | Disagree)
WestonHarvey1 Avatar
156 months ago
So someone has to have your password to get into your iCloud account, which is how iCloud works in the first place.

Someone can theoretically get your password out of an iTunes backup. If someone has access to your Mac's filesystem, you've got bigger problems, and they probably already have access to all the information you had in iCloud anyway.
Score: 18 Votes (Like | Disagree)

Popular Stories

maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
iPhone 15 Pro FineWoven

Apple Reportedly Stops Production of FineWoven Accessories

Sunday April 21, 2024 6:03 am PDT by
Apple has stopped production of FineWoven accessories, according to the Apple leaker and prototype collector known as "Kosutami." In a post on X (formerly Twitter), Kosutami explained that Apple has stopped production of FineWoven accessories due to its poor durability. The company may move to another non-leather material for its premium accessories in the future. Kosutami has revealed...
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
iPad And Calculator App Feature

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. The lack of ...
Provenance Emulator

PlayStation and SEGA Emulator for iPhone and Apple TV Coming to App Store [Updated]

Friday April 19, 2024 8:29 am PDT by
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, SEGA Genesis,...