Page All:
Page 1
Elcomsoft Phone Breaker Adds Apple iCloud Drive Support, Decrypts iCloud Backup Keychain
MOSCOW, March 12, 2015 /PRNewswire/ --
ElcomSoft Co. Ltd. updates Elcomsoft Phone Breaker [https://www.elcomsoft.com/epb.html
] (formerly Elcomsoft Phone Password Breaker) with full support for Apple iCloud Drive.
The new release adds acquisition support for iCloud Drive, enabling investigators to
extract all types of data stored in Apple iCloud as well as iCloud Drive by all Apple and
third-party applications. In addition, the new release adds the ability to decrypt the
keychain stored in iCloud backups provided that the correct 'securityd' key is supplied
(extracted from the physical device). Finally, the latest release changes the Open File
dialog, displaying backup's properties in-place, before the backup file is actually
opened.
With this release, Elcomsoft Phone Breaker finalizes acquisition support for Apple's
online infrastructure, delivering investigators the ability to perform the complete
over-the-air acquisition of information stored in the cloud regardless of whether or not
the subject has upgraded their account to use iCloud Drive.
"We strived to deliver this functionality right after the official release of iCloud
Drive," says Vladimir Katalov, ElcomSoft CEO. "Unfortunately, this required far more
efforts than we initially anticipated. We wanted to thank our customers for their
patience, and apologize for not updating our tool earlier. Today, we have finalized
support for iCloud Drive, and can now offer our customers a reliable way for accessing
information stored in both Apple iCloud and iCloud Drive accounts."
While accessing user files uploaded to iCloud Drive via Finder or Windows Explorer
could be possible with other tools (if Apple ID and password are known), Apple provides no
means for accessing iOS backups and data stored in the iCloud Drive account by the apps.
Considering the changes between iCloud Drive and the "old" iCloud, previous versions of
Elcomsoft Phone Breaker were only able to extract information from iCloud accounts that
have not been updated to use iCloud Drive.
Armed with the ability to access information stored in the subject's cloud without
knowing the original Apple ID or password (via binary iCloud/iCloud Drive tokens extracted
from the subject's computer or hard drive), Elcomsoft Phone Breaker
[https://www.elcomsoft.com/epb.html ] becomes the ultimate acquisition tool for Apple iOS
devices.
About Apple iCloud Drive
The ability to save information other than device backups and some limited app data
into the cloud was introduced with the release of iOS 8 with the new cloud storage service
Apple called iCloud Drive. The new service is aimed to compete with established cloud
storage providers such as Dropbox, Box.com, Google Drive and Microsoft OneDrive. The
concept is similar to what is provided by other storage providers, and most closely
resembles Microsoft's OS-integrated OneDrive. Users are able to use Apple iCloud Drive to
store just about any type of file, and access the data from any Apple device as well as
from Windows PCs. While Apple users can upgrade their iCloud account to use iCloud Drive
at any time, iOS 8 is required to access iCloud Drive from iPhones and iPads.
According to Apple, more than 72% of its users have already migrated to iOS 8, gaining
the possibility to upgrade their iCloud service to iCloud Drive.
iCloud Drive Acquisition Support
The latest release of Elcomsoft Phone Breaker enables full acquisition support for the
recently introduced iCloud Drive. The tool enables full access to all types of information
stored in the user's iCloud or the new iCloud Drive, including:
- iWork documents including Pages, Numbers, Keynote (if configured to be
stored in the cloud)
- Documents stored by third-party apps (e.g. game backups, 1Password password
databases, WhatsApp communications, etc.)
- Certain system files such as user dictionaries, which may contain words and
phrases typed by the user that are not part of a common dictionary
- All types of files that can be stored in iCloud Drive
The feature is available in the Forensic edition of Elcomsoft Phone Breaker.
Acquiring Keychain Items
The new release adds the ability to acquire and decrypt keychain items stored in
iCloud backups (not to be confused with iCloud Keychain, which is a different matter
altogether).
"In order to decrypt the keychain, one will need a valid 'securityd' key extracted
from the device with Elcomsoft iOS Forensic Toolkit," says Ivan Ponurovskiy, ElcomSoft
Lead Mobile Forensics Developer. "Notably, this key will not change through the entire
life of the device. As a result, one will only need to extract the key once to be able to
deal with existing and future backups."
About Elcomsoft Phone Breaker
Elcomsoft Phone Breaker [https://www.elcomsoft.com/epb.html ] (formerly Elcomsoft
Phone Password Breaker) provides forensic access to encrypted information stored in
popular Apple and BlackBerry devices, Apple iCloud/iCloud Drive and Windows Live!
accounts. By recovering the original password protecting offline backups produced with
compatible devices, the tool offers forensic specialists access to SMS and email messages,
call history, contacts and organizer data, Web browsing history, voicemail and email
accounts and settings stored in those backup files. The new iteration of the product can
also retrieve information from online backups stored in Apple iCloud.
Pricing and Availability
Elcomsoft Phone Breaker is available immediately. Home, Professional and Forensic
editions are available. iCloud recovery is only available in Professional and Forensic
editions, while password-free iCloud access as well as the ability to download arbitrary
information are only available in the Forensic edition. Elcomsoft Phone Breaker Pro is
available to North American customers for $199. The Home edition is available for $79. The
Forensic edition enabling over-the-air acquisition of iCloud data is available for $799.
Local pricing may vary.
Elcomsoft Phone Breaker supports Windows Vista, Windows 7, 8, 8.1, as well as Windows
2003, 2008 and 2012 Server. Elcomsoft Phone Breaker operates without Apple iTunes or
BlackBerry Desktop Software being installed.
About ElcomSoft Co. Ltd.
Founded in 1990, ElcomSoft Co. Ltd. [https://www.elcomsoft.com ] develops
state-of-the-art computer forensics tools, provides computer forensics training and
computer evidence consulting services. Since 1997, ElcomSoft has been providing support to
businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used
by most of the Fortune 500 corporations, multiple branches of the military all over the
world, foreign governments, and all major accounting firms. ElcomSoft is a Microsoft
Partner (Gold Application Development and Gold Intelligent Systems), Intel Premier Elite
Partner and member of NVIDIA's CUDA/GPU Computing Registered Developer Program.
ELCOMSOFT Co. Ltd.
CONTACT: Olga Koksharova, o.koksharova@elcomsoft.com, Fax US, toll-free: +1-866-448-2703
Elcomsoft Phone Breaker Adds Apple iCloud Drive Support, Decrypts iCloud Backup Keychain
MOSCOW, March 12, 2015 /PRNewswire/ --
ElcomSoft Co. Ltd. updates Elcomsoft Phone Breaker [https://www.elcomsoft.com/epb.html
] (formerly Elcomsoft Phone Password Breaker) with full support for Apple iCloud Drive.
The new release adds acquisition support for iCloud Drive, enabling investigators to
extract all types of data stored in Apple iCloud as well as iCloud Drive by all Apple and
third-party applications. In addition, the new release adds the ability to decrypt the
keychain stored in iCloud backups provided that the correct 'securityd' key is supplied
(extracted from the physical device). Finally, the latest release changes the Open File
dialog, displaying backup's properties in-place, before the backup file is actually
opened.
With this release, Elcomsoft Phone Breaker finalizes acquisition support for Apple's
online infrastructure, delivering investigators the ability to perform the complete
over-the-air acquisition of information stored in the cloud regardless of whether or not
the subject has upgraded their account to use iCloud Drive.
"We strived to deliver this functionality right after the official release of iCloud
Drive," says Vladimir Katalov, ElcomSoft CEO. "Unfortunately, this required far more
efforts than we initially anticipated. We wanted to thank our customers for their
patience, and apologize for not updating our tool earlier. Today, we have finalized
support for iCloud Drive, and can now offer our customers a reliable way for accessing
information stored in both Apple iCloud and iCloud Drive accounts."
While accessing user files uploaded to iCloud Drive via Finder or Windows Explorer
could be possible with other tools (if Apple ID and password are known), Apple provides no
means for accessing iOS backups and data stored in the iCloud Drive account by the apps.
Considering the changes between iCloud Drive and the "old" iCloud, previous versions of
Elcomsoft Phone Breaker were only able to extract information from iCloud accounts that
have not been updated to use iCloud Drive.
Armed with the ability to access information stored in the subject's cloud without
knowing the original Apple ID or password (via binary iCloud/iCloud Drive tokens extracted
from the subject's computer or hard drive), Elcomsoft Phone Breaker
[https://www.elcomsoft.com/epb.html ] becomes the ultimate acquisition tool for Apple iOS
devices.
About Apple iCloud Drive
The ability to save information other than device backups and some limited app data
into the cloud was introduced with the release of iOS 8 with the new cloud storage service
Apple called iCloud Drive. The new service is aimed to compete with established cloud
storage providers such as Dropbox, Box.com, Google Drive and Microsoft OneDrive. The
concept is similar to what is provided by other storage providers, and most closely
resembles Microsoft's OS-integrated OneDrive. Users are able to use Apple iCloud Drive to
store just about any type of file, and access the data from any Apple device as well as
from Windows PCs. While Apple users can upgrade their iCloud account to use iCloud Drive
at any time, iOS 8 is required to access iCloud Drive from iPhones and iPads.
According to Apple, more than 72% of its users have already migrated to iOS 8, gaining
the possibility to upgrade their iCloud service to iCloud Drive.
iCloud Drive Acquisition Support
The latest release of Elcomsoft Phone Breaker enables full acquisition support for the
recently introduced iCloud Drive. The tool enables full access to all types of information
stored in the user's iCloud or the new iCloud Drive, including:
- iWork documents including Pages, Numbers, Keynote (if configured to be
stored in the cloud)
- Documents stored by third-party apps (e.g. game backups, 1Password password
databases, WhatsApp communications, etc.)
- Certain system files such as user dictionaries, which may contain words and
phrases typed by the user that are not part of a common dictionary
- All types of files that can be stored in iCloud Drive
The feature is available in the Forensic edition of Elcomsoft Phone Breaker.
Acquiring Keychain Items
The new release adds the ability to acquire and decrypt keychain items stored in
iCloud backups (not to be confused with iCloud Keychain, which is a different matter
altogether).
"In order to decrypt the keychain, one will need a valid 'securityd' key extracted
from the device with Elcomsoft iOS Forensic Toolkit," says Ivan Ponurovskiy, ElcomSoft
Lead Mobile Forensics Developer. "Notably, this key will not change through the entire
life of the device. As a result, one will only need to extract the key once to be able to
deal with existing and future backups."
About Elcomsoft Phone Breaker
Elcomsoft Phone Breaker [https://www.elcomsoft.com/epb.html ] (formerly Elcomsoft
Phone Password Breaker) provides forensic access to encrypted information stored in
popular Apple and BlackBerry devices, Apple iCloud/iCloud Drive and Windows Live!
accounts. By recovering the original password protecting offline backups produced with
compatible devices, the tool offers forensic specialists access to SMS and email messages,
call history, contacts and organizer data, Web browsing history, voicemail and email
accounts and settings stored in those backup files. The new iteration of the product can
also retrieve information from online backups stored in Apple iCloud.
Pricing and Availability
Elcomsoft Phone Breaker is available immediately. Home, Professional and Forensic
editions are available. iCloud recovery is only available in Professional and Forensic
editions, while password-free iCloud access as well as the ability to download arbitrary
information are only available in the Forensic edition. Elcomsoft Phone Breaker Pro is
available to North American customers for $199. The Home edition is available for $79. The
Forensic edition enabling over-the-air acquisition of iCloud data is available for $799.
Local pricing may vary.
Elcomsoft Phone Breaker supports Windows Vista, Windows 7, 8, 8.1, as well as Windows
2003, 2008 and 2012 Server. Elcomsoft Phone Breaker operates without Apple iTunes or
BlackBerry Desktop Software being installed.
About ElcomSoft Co. Ltd.
Founded in 1990, ElcomSoft Co. Ltd. [https://www.elcomsoft.com ] develops
state-of-the-art computer forensics tools, provides computer forensics training and
computer evidence consulting services. Since 1997, ElcomSoft has been providing support to
businesses, law enforcement, military, and intelligence agencies. ElcomSoft tools are used
by most of the Fortune 500 corporations, multiple branches of the military all over the
world, foreign governments, and all major accounting firms. ElcomSoft is a Microsoft
Partner (Gold Application Development and Gold Intelligent Systems), Intel Premier Elite
Partner and member of NVIDIA's CUDA/GPU Computing Registered Developer Program.
ELCOMSOFT Co. Ltd.
CONTACT: Olga Koksharova, o.koksharova@elcomsoft.com, Fax US, toll-free: +1-866-448-2703