Breaking Wi-Fi Passwords with NVIDIA Ampere

April 12th, 2021 by Oleg Afonin

The supply of NVIDIA’s latest and greatest RTX 3000 series boards remains scarce due to production shortages and increased demand from gamers and cryptocurrency miners. That didn’t stop us from giving these cards yet another purpose: breaking Wi-Fi passwords.

Read the rest of this entry »

Breaking RAR5 and 7Zip Passwords

April 6th, 2021 by Oleg Afonin

The recent update to Elcomsoft Advanced Archive Password Recovery, our go-to tool for breaking passwords to encrypted archives, brought compatibility with RAR5 and 7Zip formats, and enabled multithreaded dictionary attacks. Which archive formats are the most secure, and which ones are the toughest to break? Read along to find out!

Read the rest of this entry »

Breaking the iPhone 12: Forensic Extraction of iOS 14 Devices

March 18th, 2021 by Oleg Afonin

iOS Forensic Toolkit 7.0 brings low-level extraction support for the latest generation of Apple devices. This includes the entire range of iPhone 12 models as well as all other devices capable of running iOS 14.0 to 14.3. Learn how to image the latest iPhone models without a jailbreak.

Read the rest of this entry »

iOS Recovery Mode Analysis: Reading iOS Version from Locked and Disabled iPhones

February 18th, 2021 by Oleg Afonin

The iPhone recovery mode has limited use for mobile forensics. However, even the limited amount of information available through recovery mode can be essential for an investigation. Recovery access can be also the only available analysis method if the device becomes unusable, is locked or disabled after ten unsuccessful unlocking attempts, or had entered the USB restricted mode. Learn how to enter and leave Recovery and what information you can obtain in this mode.

Read the rest of this entry »

Breaking Jetico BestCrypt

February 3rd, 2021 by Oleg Afonin

BestCrypt, developed by the Finnish company Jetico, is a cross-platform commercial disk encryption tool. Available for Windows, Linux, macOS and Android platforms, BestCrypt is delivered in two editions, one offering full-disk encryption and the other encrypting virtual disk volumes stored in containers, the latter being supported with our tools.

Read the rest of this entry »

Passcode Unlock and Physical Acquisition of iPhone 4, 5 and 5c

February 2nd, 2021 by Vladimir Katalov

Passcode unlock and true physical acquisition are now available for iPhone 4, 5, and 5c devices – with caveats. Learn about the benefits and limitations of passcode unlocks and true physical imaging of Apple’s legacy devices. Looking for a step by step walkthrough? Check out our imaging guide!

Read the rest of this entry »

iPhone 4, iPhone 5 and iPhone 5c Physical Acquisition Walkthrough

February 2nd, 2021 by Oleg Afonin

True physical acquisition is back – but only for a handful of old devices. We’re adding support for unlocking and forensically sound extraction of some of Apple’s legacy iPhones. For iPhone 4, 5, and 5c devices, we’re adding software-based passcode unlocking and device imaging functionality. Moreover, on some models you won’t even need to break the passcode in order to make a full disk image! In this walkthrough we’ll describe the steps required to image an iPhone 4, iPhone 5 or iPhone 5c device.

Read the rest of this entry »

NAS Forensics: Synology, ASUSTOR, QNAP, TerraMaster and Thecus Encryption Compared

February 1st, 2021 by Oleg Afonin

More than a year ago, we started researching the available encryption options in off the shelf network attached storage devices. We started with Synology devices, followed by Asustor, TerraMaster, Thecus, and finally Qnap. The manufacturers exhibit vastly different approaches to data protection, with different limitations, security implications and vulnerabilities. Today we are publishing the aggregate results of our analysis.

Read the rest of this entry »

End-to-End Encryption in Apple iCloud, Google and Microsoft Accounts

January 21st, 2021 by Oleg Afonin

The proliferation of always connected, increasingly smart devices had led to a dramatic increase in the amount of highly sensitive information stored in manufacturers’ cloud accounts. Apple, Google, and Microsoft are the three major cloud providers who also develop their own hardware and OS ecosystems. In this report, we’ll see how these companies protect their users’ highly sensitive information compared to each other.

Read the rest of this entry »

Secure Instant Messengers

January 19th, 2021 by Olga Koksharova

In today’s world of everyone wanting a slice of one’s personal information, users become more and more concerned about the privacy. The WhatsApp/Facebook integration raised an additional concern, considering that Facebook-owned Messenger requests the largest number of invasive permissions among all commonly used messengers. Data privacy and security concerns are mounting like a snowball. 2020 brought multiple data breach incidents from popular blogging resources from LiveJournal whose users’ data was breached and leaked to the darknet to financial institutions like Postbank with 12M exposed credit cards, hospitality giants as Mariott with 383 million records compromised or even Microsoft customers who also suffered from privacy-related issues.

Read the rest of this entry »