Nouvelles d'ElcomSoft


  • 28/11/2017

Elcomsoft Phone Breaker 8.1 is a cloud-targeted update. The new release is now able to discretely detect whether or not the Apple account being acquired has two-factor authentication enabled without triggering a push notification on user’s devices. Two-factor authentication codes delivered as SMS messages are now supported in addition to push and offline codes. Finally, the update can also bypass 2FA if running on the suspect's computer.

Elcomsoft Phone Breaker receives an update, this time targeting cloud acquisition of Apple accounts. Version 8.1 is now able to discretely detect the presence of two-factor authentication in user accounts without triggering a push notification on users’ devices. This feature gives forensic experts the choice of whether they want to proceed with cloud acquisition without alerting the suspect.

Multiple other improvements are made in this version in regards to two-factor authentication. In addition to the already supported two-factor authentication methods, Elcomsoft Phone Breaker 8.1 adds support for one-time codes delivered as text messages (SMS). This seemingly small change enables remote data extraction from Apple accounts protected with two-factor authentication even if the trusted device (iPhone, iPad or Mac) is locked, inaccessible or even destroyed. Thanks to SMS-based two-factor authentication support, experts can now have one-time codes delivered to a trusted phone number (SIM card), thus bypassing the need to unlock the device itself.

Version 8.1 fixes token-based logins for accounts with two-factor authentication, making use of Apple’s new, longer tokens.

Finally, running Elcomsoft Phone Breaker 8.1 on the suspect’s Windows or Mac computer now allows accessing all iCloud data (including backups) requiring just the Apple ID and password and without one-time codes, completely bypassing two-factor authentication for 2FA accounts even if the authentication token is already expired.

The update is free of charge to all customers who purchased or renewed their Elcomsoft Phone Breaker or Elcomsoft Mobile Forensic Bundle license within one year. Discounted renewal is available to customers whose maintenance plan has already expired.

Get more information on Elcomsoft Phone Breaker and download free trial version:
https://www.elcomsoft.fr/eppb.html

Read our blog post: Target: Apple Two-Factor Authentication

Read our blog post: Breaking Apple iCloud: Reset Password and Bypass Two-Factor Authentication