ElcomSoft


'ElcomSoft' Articles

ElcomSoft's Latest Tool Can Allegedly Access iMessages in iCloud, But Only in Extreme Circumstances

Russian company ElcomSoft today claimed that the latest version of its Phone Breaker software can remotely access iMessage conversation histories stored in iCloud, although there are several strings attached. Namely, the person attempting to extract iMessages from an iCloud account would need the following before being able to do so:Elcomsoft Phone Breaker version 8.3 The associated Apple ID email and password for the iCloud account The passcode, if an iPhone, iPad, or iPod touch, or system password, if a Mac, of at least one device on the account enrolled in Messages in iCloud, which requires iOS 11.4 and macOS 10.13.5 or later Access to a two-factor authentication method, such as a trusted secondary device, which may or may not have the same passcode or system password, or a SIM card for a phone number that has been authorized to receive one-time verification codes via SMSIt's worth noting that if the perpetrator has obtained physical access to at least one of your trusted secondary devices, and its passcode, they would be able to read at least part of your iMessage history regardless by simply opening the Messages app. Apple obviously cares very deeply about the security of its customers, but if a bad actor has gained access to another person's Apple ID credentials, your passcode, and at least one of your Apple devices, or your SIM card, there arguably isn't really much the company can do at that point to protect you. That's why it's so important, as Apple routinely stresses, to set a strong password for your Apple ID, not share that password with others, e

ElcomSoft Claims It's Able to Recover Deleted iCloud Notes Well Past Apple's 30-Day Window

Russian software company ElcomSoft today claimed in a blog post that iCloud notes marked as deleted are being stored on Apple's servers well past the advertised 30-day period they are kept in the "Recently Deleted" folder. ElcomSoft said it used an updated version of its Phone Breaker tool, version 6.5, to recover dozens of iCloud notes deleted more than a month ago. ElcomSoft said many of the notes were deleted a few weeks past the 30-day window, but in some cases, it was allegedly able to extract notes deleted "several months ago." When a user deletes a note in Apple's Notes app, it's moved to the "Recently Deleted" folder, which explicitly states that "notes are permanently deleted after 30 days." Likewise, a support document on Apple's website says users can view and recover notes for up to 30 days before they're permanently deleted. However, ElcomSoft CEO Vladimir Katalov said the oldest note it was able to retrieve was deleted around five years ago:"We did it again," says Vladimir Katalov, ElcomSoft CEO. "After recovering deleted photos and Safari browsing history from iCloud, we now add the ability to recover deleted notes from the same source regardless of how much time has passed after the deletion. The oldest record we've been able to pull was deleted back in 2012."In its blog post, ElcomSoft said it was able to extract 334 notes from an iPhone with only 288 notes stored on it, including those in the "Recently Deleted" folder. In other words, ElcomSoft claims it was able to recover 46 notes deleted more than 30 days ago, and that was only one example.