Resource Management in Distributed Password Attacks

February 20th, 2024 by Oleg Afonin

In the latest update, Elcomsoft Distributed Password Recovery introduced a new feature that allows managing the available computational resources. The new resource management capability allows administrators to manage and distribute the available computational resources across multiple jobs. The feature enables users to tap into a pool of available resources by requesting a certain number of recovery agents. The reserved recovery agents will be allocated, allowing multiple jobs to run separately at the same time.

Read the rest of this entry »

iOS 17.3 Developer Preview: Stolen Device Protection

December 20th, 2023 by Oleg Afonin

The first developer beta of iOS 17.3 includes Stolen Device Protection, a major new security feature designed to protect the user’s sensitive information stored in the device and in iCloud account if their iPhone is stolen and the thief gets access to the phone’s passcode. This optional feature could represent a significant change in how Apple looks at security, where currently the passcode is king. At this time, no detailed documentation is available; developers are getting a prompt to test the feature when installing the new beta.

Read the rest of this entry »

iOS Forensic Toolkit: Exploring the Linux Edition

November 30th, 2023 by Oleg Afonin

The latest update of iOS Forensic Toolkit brought an all-new Linux edition, opening up a world of possibilities in mobile device analysis. The highly anticipated Linux edition preserves and expands the features previously available to macOS and Windows users. Forensic professionals can now perform advanced logical and low-level extractions with the aid of a custom extraction agent and extract information using the bootloader-level exploit, making forensic analysis more accessible on Linux platforms.

Read the rest of this entry »

Forensic Insights into Apple Watch Data Extraction

November 30th, 2023 by Oleg Afonin

The latest update to the iOS Forensic Toolkit has expanded data extraction support for older models of Apple Watch, introducing low-level extraction capabilities for Apple Watch Series 0, Series 1, and Series 2. In a landscape where new devices are released on a yearly schedule, we stand committed to a balanced approach. While it’s easy for many to dismiss older devices, we recognize their significance as they frequently reappear in the labs of forensic experts. It is important to emphasize that, unlike many, we cater to the needs of experts who have to deal with legacy devices. This enhancement enables macOS and Linux users to delve deeper into these watches, retrieving crucial information such as passwords and complete file systems.

Read the rest of this entry »

Using and Troubleshooting the checkm8 Exploit

October 31st, 2023 by Oleg Afonin

The bootloader vulnerability affecting several generations of Apple devices opens the door to forensically sound extraction. In today’s article we’ll discuss the compatibility and features of this exploit with different devices, iOS versions, and platforms. In addition, we’ll provide security professionals and researchers with valuable insight into potential issues and solutions when working with checkm8.

Read the rest of this entry »

iOS Forensic Toolkit 8 Lands on Windows

October 5th, 2023 by Oleg Afonin

We have exciting news: iOS Forensic Toolkit 8 is now available for Windows users in the all-new Windows edition. The new build maintains and extends the functionality of EIFT 7, which is now approaching the end of its life cycle. In addition, we’ve made the Toolkit portable, eliminating the need for installation. Learn what’s new in the eights version of the Toolkit!

Read the rest of this entry »

iOS Forensic Toolkit: Troubleshooting Low-Level Extraction Agent

September 12th, 2023 by Oleg Afonin

In this tutorial, we will address common issues faced by users of the iOS Forensic Toolkit when installing and using the low-level extraction agent for accessing the file system and keychain on iOS devices. This troubleshooting guide is based on the valuable feedback and data received by our technical support team.

Read the rest of this entry »

What to Do When Password Recovery Attacks Stall

August 22nd, 2023 by Oleg Afonin

Have you ever tried to unlock a password but couldn’t succeed? This happens when the password is really strong and designed to be hard to break quickly. In this article, we’ll explain why this can be a tough challenge and what you can do about it.

Read the rest of this entry »

Open-Sourcing Orange Pi R1 Plus LTS Software for Firewall Functionality: Secure Sideloading of Extraction Agent

August 3rd, 2023 by Oleg Afonin

We are excited to announce the release of an open-source software for Orange Pi R1 LTS designed to provide firewall functionality for sideloading, signing, and verifying the extraction agent that delivers robust file system imaging and keychain decryption on a wide range of Apple devices with iOS Forensic Toolkit. This development aims to address the growing security challenge faced by forensic experts when sideloading the extraction agent using regular and developer Apple accounts.

Read the rest of this entry »

Breaking into iOS 16.5: Extracting the File System and Keychain

August 2nd, 2023 by Oleg Afonin

When it comes to iOS data acquisition, Elcomsoft iOS Forensic Toolkit is the top choice for forensic experts. Its cutting-edge features and unmatched capabilities have made it the go-to software for investigating iOS devices. In a recent update, we expanded the capabilities of the low-level extraction agent to support full file system extraction and keychain decryption on Apple’s newest devices running iOS 16.5. This achievement represents a breakthrough, as the delay between Apple’s iOS updates and our forensic software release has significantly reduced.

Read the rest of this entry »

Best Practices in Mobile Forensics: Separating Extraction and Analysis

July 31st, 2023 by Oleg Afonin

In the ever-evolving landscape of digital investigations, mobile forensics has become a critical aspect of law enforcement work. The challenges of extracting, handling, and analyzing data obtained from various sources have led to a growing demand for universal solutions. We’d like to emphasize the importance of every stage of mobile forensics, the significance of extraction, and the critical importance of expertise in this field.

Read the rest of this entry »