Elcomsoft Cloud Explorer 1.30 can now pull SMS (text) messages straight off the cloud, and offers enhanced location processing with support for Routes and Places. In this article, we’ll have a close look at the new features and get detailed instructions on how to use them. The first article will discuss the text messages, while enhanced location data will be covered in the one that follows.

Text Messages: Part of Android Backups (sort of)

Before we begin extracting text messages, let us check where they come from. As you may know, Android 6.0 has finally brought automated data backups. While Android backups are not nearly as complete or as comprehensive as iOS backups, they still manage to save the most important things such as device settings, the list of installed apps and app data into the cloud. Being a Google OS, Android makes use of the user’s Google Account to store backups. Unlike Apple, Google does not count the space taken by these backups towards your Google Drive allotment. At the same time, Google allows for a very limited data set to be saved into the cloud, so you can forget about multi-gigabyte backups you have probably seen in iOS.

While device settings, Wi-Fi passwords, the list of installed apps and application data are now backed up on most smartphones running Android 6 and newer, some devices have an additional element to save. We’re talking about text messages (SMS) sent and received by the users. Text messages can be stored in the user’s Google Account as parts of device backups. However, up to these days, this wonderful feature was available exclusively on Google Pixel and Pixel XL.

Things are beginning to change as Google works its way through Android updates. According to Google development team, “SMS messages are currently only backed up through the Google Backup Transport (GMSBackupTransport) on Pixel devices, as listed here: https://support.google.com/pixelphone/answer/7179901

SMS backup will also be supported on all devices starting in O, which is now available for preview”.

In simple words, it means that automatic SMS backups are coming to Android O, and currently available on all Pixel and Pixel XL handsets even if they run Android 7.

Unlike call logs, text messages don’t get the nearly real-time syncing across devices; instead, they are included into cloud backups that are updated daily at most. If more than one device is registered with the same Google Account, each device backup may contain text messages. This in turn means that extracting those text messages from the cloud could potentially return more data compared to logical or physical acquisition of a single device.

We updated Elcomsoft Cloud Explorer to be able to pull SMS communication history from online backups created by smartphones running Android 6 and newer. Let’s have a look at how this works.

Extracting Text Messages with Elcomsoft Cloud Explorer

Elcomsoft Cloud Explorer 1.30 or newer is required to extract text messages from the Google Account. In order to download text messages, do the following:

1. Launch Elcomsoft Cloud Explorer 1.30 (or newer)
2. Click File – Add Google Snapshot
3. Authenticate into the Google Account by providing the user name and password
4. If Two-Factor Authentication is enabled, you will be prompted for a secondary authentication code.
   Note: Elcomsoft Cloud Explorer 1.30 has a known issue authenticating with 6-digit authentication codes generated by the Authenticator app if Google Prompt is enabled. If Google Prompt is activated as a 2FA method of choice on a given Google Account, you will have to manually generate a set of backup codes for that Google Account. You will have to then use one of those 8-digit codes to complete authentication.
5. Once the authentication is completed, select Messages.
6. Elcomsoft Cloud Explorer will download the data from the Google Account. This may take a few minutes depending on the number of Android backups stored in that Google Account.
7. Once the download is finished, you’ll be able to review the messages.
8. If more than one device backup with text messages is available, you’ll be able to specify which device(s) to include by enabling a filter on the navigation panel on the right side of the screen. If more than one device is selected, you’ll be able to use searching and filtering through all messages obtained from multiple devices.