While Apple has denied that its iCloud service was at fault in last week’s leaking of nude celebrity photos, Wired is reporting that attackers are using a forensic tool marketed for law enforcement officials to download backups of victims’ iCloud accounts.
Writer Andy Greenberg spent time on the Anon-IB anonymous image forums researching the techniques that hackers are using to gain access to private photos. One such tool is Elcomsoft’s Phone Password Breaker (EPPB). Elcomsoft calls its software an “ideal solution for law enforcement and intelligence organizations,” but it has gained popularity among users trying to steal private data from others. While attackers would still need to gain the account details through other methods, EPPB also advertises a password-free feature that involves skimming an authentication token from a synced PC or Mac.
F**k it, we'll do it live!
Our biggest ever edition of TNW Conference is fast approaching! Join 10,000 tech leaders this May in Amsterdam.
Elcomsoft has been around for years now, so this technique isn’t anything new, but these shady tactics have surfaced with the attention that this latest leak has brought. We’ve reached out to Apple and Elcomsoft to ask about EPPB and iCloud and will update as needed.
Update: Elcomsoft CEO Vladimir Katalov has responded to our questions:
Do you sell the software to non-law enforcement customers?
Yes, this software is available to anyone. The reason is simple, see the answer to the next question.
Does it bypass Apple security?
Not at all. In fact EPPB is doing almost the same as if you restore the new device from iCloud backup — but just saves backup data to the hard disk instead of writing directly to the device. In order to be able to do that, you still need to know the Apple ID and password. But if you do know them, you can get the same result without EPPB or any 3rd party software as follows:
– get the new device
– during device setup, ask to restore it from iCloud account
– once restore process is complete, connect device to iTunes and create local backup
That’s it — you also need to know the password to Apple ID, of course, but the result is about the same. With EPPB, it is just a bit simpler and much faster.
Could it have been used to access the celebrity photos that have been leaked in the past week?
3. Yes, I think so — because there are no other tools on the market that allow iCloud backup downloading (while manual operating as described above is a bit tricky). Well, in fact I have seen a couple of Chinese-made programs that allow to download some data from the iCloud (not complete backups, but selected categories only), but I am 100% sure that they reverse-engineering EPPB (reversing original iCloud protocol using the device was an extremely hard work, quite a lot of research by professional developers), and this other software does not work really well.
Featured Image Credit – Getty Images