ElcomSoft's Latest Tool Can Allegedly Access iMessages in iCloud, But Only in Extreme Circumstances

by

Russian company ElcomSoft today claimed that the latest version of its Phone Breaker software can remotely access iMessage conversation histories stored in iCloud, although there are several strings attached.

imessage logo
Namely, the person attempting to extract iMessages from an iCloud account would need the following before being able to do so:

  • Elcomsoft Phone Breaker version 8.3

  • The associated Apple ID email and password for the iCloud account

  • The passcode, if an iPhone, iPad, or iPod touch, or system password, if a Mac, of at least one device on the account enrolled in Messages in iCloud, which requires iOS 11.4 and macOS 10.13.5 or later

  • Access to a two-factor authentication method, such as a trusted secondary device, which may or may not have the same passcode or system password, or a SIM card for a phone number that has been authorized to receive one-time verification codes via SMS

It's worth noting that if the perpetrator has obtained physical access to at least one of your trusted secondary devices, and its passcode, they would be able to read at least part of your iMessage history regardless by simply opening the Messages app.

Apple obviously cares very deeply about the security of its customers, but if a bad actor has gained access to another person's Apple ID credentials, your passcode, and at least one of your Apple devices, or your SIM card, there arguably isn't really much the company can do at that point to protect you.

That's why it's so important, as Apple routinely stresses, to set a strong password for your Apple ID, not share that password with others, enable two-factor authentication, and keep careful possession of your devices. It also helps to set a strong alphanumeric passcode on an iOS device, rather than a four-digit one.

Apple says iMessages are protected with end-to-end encryption, and notes that messages can't be accessed by anyone without your device passcode. As an additional safeguard, Apple requires that users have two-factor authentication turned on for their Apple ID accounts to enable Messages in iCloud.

imessage encryption
ElcomSoft's tool seems to be taking advantage of the fact that, if iCloud Backups are turned on, a copy of the encryption key protecting iMessages is included in the backup, according to a support document on Apple's website:

If you have iCloud Backup turned on, a copy of the key protecting your Messages is included in your backup. This ensures you can recover your Messages if you’ve lost access to iCloud Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and it is not stored by Apple.

Given the extenuating circumstances required, the vast majority of users shouldn't have anything to worry about. But it's a good reminder to maintain strong security practices on all of your devices to stay safe.

Tags: ElcomSoft, iMessage, Security

Popular Stories

Tim Cook WWDC 2018

Report: Tim Cook to Step Down as Apple CEO 'as Soon as Next Year'

Saturday November 15, 2025 2:40 pm PST by
Apple is preparing for Tim Cook to step down as CEO of the company "as soon as next year," according to the Financial Times. The company's board of directors and senior executives "recently intensified preparations for Cook to hand over the reins," the report said. While the report said that Apple is unlikely to name a new CEO before its next earnings report in late January, it went on to ...
Read Full Article465 comments
iOS 26

Everything New in iOS 26.2 Beta 3

Monday November 17, 2025 3:20 pm PST by
Apple provided developers with the third beta of an upcoming iOS 26.2 update, and there are still new features that are being added with each beta that we get. We've rounded up all of the changes that Apple made in beta 3. AirDrop Apple added new AirDrop functionality, providing a way for two people to share files temporarily without having to add one another as contacts. iOS 26.2...
Read Full Article20 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2, AirPods Pro 3, and AirPods 4

Thursday November 13, 2025 11:35 am PST by
Apple today released new firmware designed for the AirPods Pro 3, the AirPods 4, and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B25, while the AirPods Pro 2 and AirPods 4 firmware is 8B21, all up from the prior 8A358 firmware released in October. There's no word on what's include in the updated firmware, but the AirPods Pro 2, AirPods 4 with ANC, and AirPods Pro 3...
Read Full Article70 comments
best early black friday deals

Best Black Friday Apple Deals Live Now - Save on AirPods, iPads, and Apple Watches

Saturday November 15, 2025 1:45 pm PST by
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When ...
Read Full Article3 comments
Apple Wallet ID Illinois

iPhone Driver's License Feature Launching in Illinois

Tuesday November 18, 2025 8:47 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Starting this Wednesday, November 19, the feature will be available to residents of Illinois. The announcement confirmed that the...
Read Full Article59 comments
iPhone Pocket Short

iPhone Pocket Now Available to Order, But Already Selling Out

Friday November 14, 2025 6:20 am PST by
Apple recently teamed up with Japanese fashion brand ISSEY MIYAKE to create the iPhone Pocket, a limited-edition knitted accessory designed to carry an iPhone. iPhone Pocket is available to order on Apple's online store starting today, in the United States, France, China, Italy, Japan, Singapore, South Korea, and the United Kingdom. However, it is already completely sold out in the United...
Read Full Article200 comments
apple silicon mac lineup 2024 feature purple m5

Apple's 2026 Mac Plans

Friday November 14, 2025 3:23 pm PST by
Most of Apple's Macs are slated to get M5 chips across 2026, and there's a possibility we'll even see the first M6 chips toward the end of the year. Updates are planned for everything from the MacBook Air to the Mac Studio. MacBook Air (Early 2026) The MacBook Air will be one of the first Macs to get a 2026 refresh, with an update planned for the first few months of the year. The MacBook...
Read Full Article157 comments
CarPlay Liquid Glass Dark

Here's When Tesla is Expected to Add Support for Apple CarPlay

Sunday November 16, 2025 6:49 am PST by
In his Power On newsletter today, Bloomberg's Mark Gurman reiterated that Tesla plans to add Apple CarPlay support to its vehicles "in the coming months." This is easily the biggest news for the regular version of CarPlay in years, should Tesla actually follow through with offering the system in its vehicles. As noted by Gurman, this would be a stunning reversal for Tesla and its CEO Elon ...
Read Full Article114 comments
tvOS 26 Profiles

tvOS 26.2 Adds a Useful New Feature to Your Apple TV

Friday November 14, 2025 10:02 am PST by
Starting with the upcoming tvOS 26.2 update, currently in beta, additional profiles created on the Apple TV no longer require their own Apple Account. In the Settings app on the Apple TV, under Profiles and Accounts, anyone can create a new profile by simply entering a name and indicating whether the profile is for a kid. The profile will be associated with the primary user's Apple Account,...
Read Full Article
Apple Sports App Preview Feature

Apple Sports App on iPhone Now Available in More European Countries

Monday November 17, 2025 6:27 am PST by
The free Apple Sports app on the iPhone was released in additional European countries today, including Belgium, Croatia, Czechia, the Netherlands, Luxembourg, Poland, Hungary, Denmark, Finland, Norway, Sweden, Switzerland, Slovakia, Slovenia, Serbia, Greece, Estonia, Latvia, Romania, Ukraine, and others. The app was already available in the U.S., the U.K., Canada, Austria, France, Germany,...
Read Full Article22 comments

Top Rated Comments

Chabba Avatar
Chabba
97 months ago
So they can access your data if they have access to your data...? Sounds like that to me.
Score: 46 Votes (Like | Disagree)
Christoffee Avatar
Christoffee
97 months ago
I'm not sure Elcomsoft Phone Breaker version 8.3 is required. o_O
Score: 39 Votes (Like | Disagree)
IJ Reilly Avatar
IJ Reilly
97 months ago
And our complete non-story of the day is...
Score: 26 Votes (Like | Disagree)
slimtastic Avatar
slimtastic
97 months ago
BREAKING NEWS: If someone gets your Apple ID, Password, Passcode, AND PHYSICAL ACCESS TO YOUR DEVICE, they may be able to get your info! You HAVE BEEN WARNED.

Lmao
Score: 23 Votes (Like | Disagree)
zorinlynx Avatar
zorinlynx
97 months ago
HEY YOU KNOW WHAT I found a security hole in my bank's ATMs, if someone has my card and PIN they can take out my cash!!! HOLY CRAP WHAT WILL WE DO NOW!??!
Score: 21 Votes (Like | Disagree)
ViDeOmAnCiNi Avatar
ViDeOmAnCiNi
97 months ago
I've totally figured out how to access *anyone's* home! You'll need:

Their permission
Door key(s)
Alarm code(s)
Familiarity with their killer wiener dog, Bunz
Friendships with their neighbors as to not arouse suspicion

..and you are *totally* in!

Enjoy!
Score: 19 Votes (Like | Disagree)
Read All Comments