Phone Breaker App Hacks iCloud Accounts, Leaks All Your Data

Status
Not open for further replies.

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Forensic tool maker Elcomsoft has announced a big update to its Phone Breaker software which introduces the ability to acquire information stored in the cloud, over-the-air, from a user’s iCloud account. Including those locked down with two-factor authentication.

Elcomsoft Phone Breaker is one of the first (if not the actual first) ever third-party forensic tool capable of retrieving and decrypting data stored in iCloud. The major benefit of using this tool to obtain information is the ability to access information stored in the cloud without having access to the physical device.

The new release specifically adds support for iOS 8 and the latest iDevices. It acquires iCloud accounts with two-factor authentication and is able to extract all types of data, including iWork documents, WhatsApp chats, password managers, social networking information, and everything in between.
Extracts iCloud authentication tokens
The forensic tool (which, strange as it may be, is offered for general consumption), is capable of extracting iCloud authentication tokens from hard drives and disk images. iCloud tokens can also be extracted from binary files such as keychain, plist, and registry files.

Before receiving this update, Phone Breaker used authentication tokens obtained from a suspect’s Mac or PC. The new version extracts authentication tokens from standalone hard drives and forensic disk images. All the user needs to do, in order to extract the authentication token, is to mount the disk image and use the command-line tool that comes with Phone Breaker.

“Apple released major technological updates and introduced tightened security measures during the past month,” says Vladimir Katalov, ElcomSoft CEO. “We are keeping up with the latest developments, adapting to newly implemented security measures. But that’s not all! Together with iOS 8 and two-factor authentication support, we are adding the ability for our customers to access most information stored in the user’s cloud account.”
iOS 8 / 8.1 Support
The updated Elcomsoft Phone Breaker supports the newest iPhone and iPad firmware builds and can access all types of information stored in the user’s iCloud account, including iWork files, documents stored by third-party apps (including password-manager databases and WhatsApp conversations), “system files [...] which may contain words and phrases typed by the user that are not part of a common dictionary,” and more, according to the developer.

Elcomsoft notes that the feature doesn’t work on accounts upgraded to iCloud Drive, while iCloud Drive support will be released in the first quarter of next year. Some 250 million people are currently using iCloud.
 

Piteko21

Level 18
Verified
Top Poster
Well-known
Sep 13, 2014
874
A Russian software company has updated its forensic software to work-around the security features Apple recently added to iCloud and increased what information can be extracted from the cloud storage service.

Elcomsoft’s Phone Breaker software now supports the two-factor authentication process Apple added to iOS 8 in September for accessing iCloud, Vladimir Katalov, CEO of the Moscow company, said Wednesday in a blog post...

(please, read all the article).
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top