ElcomSoft, a Russian forensics firm, has just revealed a new method that can access iCloud backups of just about any iPhone, iPod or iPad in real time, as noted by MacRumors. The Russian firm has incorporated this functionality inside its software called Phone Password Breaker. All it needs is an Apple ID and password to get initial access to iCloud data, which can be easily extracted using ElcomSoft tools from offline backups stored in iTunes. Once done, everything is done automatically by the software i.e from downloading full iCloud backups to following real-time incremental backups. This makes it a while lot easier for investigators to track a device’s usage without its owners knowledge.
According to the source:
ElcomSoft researchers analyzed the communication protocol connecting iPhone users with Apple iCloud, and were able to emulate the correct commands in order to retrieve the content of iOS users’ iCloud storage. It’s important to note that, unlike offline backups that may come encrypted and must be broken into (a time-consuming operation), data retrieved from iCloud is received in plain, unencrypted form . The 5GB of storage space can be retrieved in reasonable time, while receiving incremental updates is even faster.
ElcomSoft’s most powerful software tools are only restricted to governmental agencies such as law enforcement, intelligence services and other qualified forensic organizations.