ElcomSoft's Phone Forensics Software Offers Near Real-Time Access to iCloud Backups

elcomsoft phone password breakerRussian forensics firm ElcomSoft earlier this week announced that it has discovered a way to easily access iCloud backups of iOS devices, incorporating the functionality into its Elcomsoft Phone Password Breaker software. While the Apple ID and password must be known in order to access the iCloud data, once that information has been obtained the software makes it easy for investigators to download full iCloud backups and then follow incremental backups in near real-time to track a device's use without the knowledge of the user.

ElcomSoft researchers analyzed the communication protocol connecting iPhone users with Apple iCloud, and were able to emulate the correct commands in order to retrieve the content of iOS users’ iCloud storage. It’s important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form . The 5GB of storage space can be retrieved in reasonable time, while receiving incremental updates is even faster.

Obtaining a user's Apple ID password may not always be trivial, but ElcomSoft tools can also be used to capture that information from offline backups stored in iTunes. And of course if the user disables iCloud syncing on its device or changes the Apple ID password, remote access is lost.

ElcomSoft has been at the forefront of development of password-cracking tools, last year incorporating a tool to bypass hardware encryption included in iOS 4. Such tools are increasingly being used by law enforcement to aid their investigations as smartphones become increasingly common and collect a growing amount of information about users and their activity.

ElcomSoft offers several levels of its software, with the most powerful versions restricted to certain governmental agencies, including law enforcement, intelligence services, and other qualified forensic organizations.

Top Rated Comments

Peace Avatar
126 months ago
One more reason not to rely on iCloud backups.

One more reason to question internet laws.
Score: 35 Votes (Like | Disagree)
dustinsc Avatar
126 months ago
I sure hope law enforcement has to have a warrant to use this sort of thing.
Score: 34 Votes (Like | Disagree)
KPOM Avatar
126 months ago
One more reason not to rely on iCloud backups.

More precisely, this is a reason to be a bit suspicious of the cloud in general.

Another security fiasco from Apple putting their users data at risk. You simply can't trust this company anymore for providing secure robust solutions for their users. They just don't put due effort and involvement in software development.

This is not limited to Apple. While I'm sure that, as a consumer-oriented service, Apple's iCloud is likely less secure than other cloud solutions, don't think that other services are exactly risk-free, either. A lot of enterprises restrict or limit the use of iCloud or Google's cloud services on iOS and Android phones and tablets for this very reason. For instance, as a condition of allowing iPhones and iPads onto our Exchange server, my employer requires us to install a profile that turns off iCloud document sharing.

The cloud is a great convenience, but it brings with it a brand new set of security issues.
Score: 32 Votes (Like | Disagree)
anjinha Avatar
126 months ago
Why aren't you mad at Apple for having such security flaws. This is Apples MO after all. Ignore all security issues until the media blows it up, then point the finger for 2 months, then quietly release a security fix with no explanation.

What security flaws? If someone has my iCloud password they can simply restore an iPhone with my iCloud backup. And if they have physical access to my iTunes backup it means they have my computer which has all the data in iCloud anyway!
Score: 22 Votes (Like | Disagree)
RMo Avatar
126 months ago
One more reason not to rely on iCloud backups.
Score: 19 Votes (Like | Disagree)
WestonHarvey1 Avatar
126 months ago
So someone has to have your password to get into your iCloud account, which is how iCloud works in the first place.

Someone can theoretically get your password out of an iTunes backup. If someone has access to your Mac's filesystem, you've got bigger problems, and they probably already have access to all the information you had in iCloud anyway.
Score: 18 Votes (Like | Disagree)

Popular Stories

AirPods Pro Gen 3 Mock Feature Red

AirPods Pro 2 Could Start a New Accessory Ecosystem

Friday January 14, 2022 2:34 am PST by
Apple's second-generation AirPods Pro could arrive alongside a new series of accessories, recent leaked images suggest. Alleged leaked photos of the next-generation AirPods Pro obtained by MacRumors showed a charging case with a metal loop on the side for attaching a strap. Apple has not used this design for any of its other AirPod models and it is unclear why it would be added in this...
netflix2

Netflix Again Raises Prices for All Plans, 4K Streaming Now $20 Per Month

Friday January 14, 2022 12:46 pm PST by
Netflix today updated the prices for its streaming plans, and all of its offerings are now more expensive. The Basic plan is now priced at $9.99 per month, the Standard plan is priced at $15.49 per month, and the Premium plan is priced at $19.99 per month. The Basic plan is $1 more expensive, up from $8.99 per month. This plan allows users to watch on just one screen at a time, and it limits ...
iPhone 14 Mock pill and hole 16x9 120hz

Analyst: All iPhone 14 Models to Feature 120Hz Displays, 6GB of RAM, and More

Friday January 14, 2022 7:02 am PST by
Apple is rumored to announce four new iPhone 14 models in September, and ahead of time, analyst Jeff Pu has outlined his expectations for the devices. In a research note with Haitong International Securities, obtained by MacRumors, Pu claimed that all iPhone 14 models will feature ProMotion displays, compared to only Pro models currently. ProMotion enables a variable refresh rate up to 120Hz ...
Unlikely Products 2022 Feature

Six Rumored Apple Products You're Unlikely to See This Year

Saturday January 15, 2022 2:06 pm PST by
Much has been said about what consumers could see from Apple in 2022, but the company is also working on a handful of rumored products that aren't expected to be unveiled for at least another 12 months, and in some cases a lot longer. Of course, that's assuming they get released at all. Apple works on many potential products some of which ultimately never see the light of day. With that in...
top stories 20220115

Top Stories: iPhone 14 Pro Rumors, iCloud Private Relay Controversy, iOS 15.2.1 Released, and More

Saturday January 15, 2022 6:00 am PST by
Hole-punch? Pill? Hole-punch and pill? Rumors about what the front camera system on the iPhone 14 Pro will look like are evolving rapidly, and it now appears we might be getting a novel but potentially controversial design later this year. Other major stories this week included some confusion and controversy about iCloud Private Relay being disabled for some T-Mobile customers, increasing...
iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
iPad Pro Big Ol Logo Orange

Next iPad Pro Might Feature Large Glass Apple Logo to Allow Wireless Charging

Friday January 14, 2022 10:44 am PST by
Bloomberg's Mark Gurman and Debby Wu last year reported that Apple had tested a new iPad Pro with a glass back for wireless charging capabilities. In a recent edition of his newsletter, Gurman said he expects the new iPad Pro to be released in 2022. While the new iPad Pro is still on track to feature wireless charging, 9to5Mac's Filipe Espósito today reported that Apple may have ultimately...
ipad air 4 video

New iPad Air Rumored to Launch This Spring With A15 Chip, 5G, Center Stage Camera, and More

Saturday January 15, 2022 8:05 pm PST by
Apple is planning to release a fifth-generation iPad Air with similar features as the sixth-generation iPad mini, including an A15 Bionic chip, 12-megapixel Ultra Wide front camera with Center Stage support, 5G for cellular models, and Quad-LED True Tone flash, according to Japanese blog Mac Otakara. Citing reliables sources in China, the report claims that the new iPad Air could be...