Eighteen Years of GPU Acceleration
November 27th, 2025 by Oleg Afonin
Eighteen years ago, before “GPU acceleration” and “AI data center” became household terms, a small hi-tech company changed the rules of cryptography. In 2007, we unveiled a radical idea – using the untapped power of graphics processors to recover passwords, which coincided with the release of video cards capable of performing fixed-point calculations. What began as an experiment would soon redefine performance computing across nearly every field.
Extracting and Using Stored Passwords from Web Browsers
July 7th, 2020 by Oleg Afonin
Breaking passwords becomes more difficult with every other update of popular software. Microsoft routinely bumps the number of hash iterations to make Office document protection coherent with current hardware. Apple uses excessive protection of iTunes backups since iOS 10.1, making brute force attacks a thing of the past. VeraCrypt and BitLocker were secure from the get go. However, everything is not lost if you consider human nature.
Extracting Passwords from Tencent QQ Browser
July 7th, 2020 by Oleg Afonin
QQ Browser is one of China’s most popular Web browsers. With some 10% of the Chinese market and the numerous Chinese users abroad, QQ Browser is used by the millions. Like many of its competitors, QQ Browser offers the ability to store website passwords. The passwords are securely encrypted, and can be only accessed once the user signs into their Windows account. Learn what you need to do to extract passwords from Tencent QQ Browser.
Unlocking BitLocker Volumes by Booting from a USB Drive
June 30th, 2020 by Oleg Afonin
BitLocker is Windows default solution for encrypting disk volumes. A large number of organizations protect startup disks with BitLocker encryption. While adding the necessary layer of security, BitLocker also has the potential of locking administrative access to the encrypted volumes if the original Windows logon password is lost. We are offering a straightforward solution for reinstating access to BitLocker-protected Windows systems with the help of a bootable USB drive.
iOS, watchOS and tvOS Acquisition Methods Compared: Compatibility Notes
June 18th, 2020 by Vladimir Katalov
How can you obtain the highest amount of data from an iPhone, iPad, Apple TV or Apple Watch? This is not as simple as it may seem. Multiple overlapping extraction methods exist, and some of them are limited to specific versions of the OS. Let’s go through them and summarize their availability and benefits.
iOS Extraction Without a Jailbreak: Full iOS 10 Support
June 16th, 2020 by Oleg Afonin
Originally released in September 2016, iOS 10 was regularly updated for most devices until July 2017. The 64-bit iPhones capable of running iOS 10 range from the iPhone 5s to iPhone 7 and 7 Plus. While one is hardly likely to encounter an iOS 10 in the wild, forensic labs still process devices running the older version of the OS. In this update, we’ve brought support for jailbreak-free extraction back to the roots, adding support for the oldest version of iOS capable of running on the iPhone 7 generation of devices. Let’s see what it takes to extract an older iPhone without a jailbreak. In addition, we have expanded support for the Apple TV devices, now offering keychain decryption in addition to file system extraction for both Apple TV 4 (Apple TV HD) and Apple TV 4K running tvOS 13.4 through 13.4.5.
Jailbreaking Apple TV 4K
June 12th, 2020 by Vladimir Katalov
Is jailbreaking an Apple TV worth it? If you are working in the forensics, it definitely is. When connected to the user’s Apple account with full iCloud access, the Apple TV synchronizes a lot of data. That data may contain important evidence, and sometimes may even help access other iCloud data. I have some great news for the forensic crowd: the Apple TV does not have a passcode. And some bad news: jailbreaking is not as easy and straightforward as we’d like it to be. Let’s have a look at what can be done.
iCloud Extraction Streamlined
June 11th, 2020 by Vladimir Katalov
Apple iCloud contains massive amounts of data, which may become highly valuable evidence. The oldest and most frequently mentioned are iCloud backups, which ElcomSoft were the first to extract back in 2012. A lot has changed since then. Today, iCloud backups account for a very minor part of the evidence available in iCloud. Learn what types of data are stored in iCloud, how Apple protects the data with end-to-end encryption, and how to access that valuable evidence with the updated Elcomsoft Phone Breaker.
iCloud Backups, Synced Data and End-to-End Encryption
June 10th, 2020 by Oleg Afonin
Since iOS 5, Apple allows users to back up their phones and tablets automatically into their iCloud account. Initially, iCloud backups were similar in content to local (iTunes) backups without the password. However, the introduction of iCloud sync has changed the rules of the game. With more types of data synchronized through iCloud as opposed to being backed up, the content of iCloud backups gets slimmed down as synchronized information is excluded from cloud backups (but still present in local backups).
Apple Two-Factor Authentication: SMS vs. Trusted Devices
June 8th, 2020 by Oleg Afonin
Multi-factor authentication is the new reality. A password alone is no longer considered sufficient. Phishing attacks, frequent leaks of password databases and the ubiquitous issue of reusing passwords make password protection unsafe. Adding “something that you have” to “something that you know” improves the security considerably, having the potential of cutting a chain attack early even in worst case scenarios. However, not all types of two-factor authentication are equally secure. Let’s talk about the most commonly used type of two-factor authentication: the one based on text messages (SMS) delivered to a trusted phone number.
Researching Confide Messenger Encryption
June 8th, 2020 by Ivan Ponurovskiy
iPhone users have access to literally hundreds of instant messaging apps. These apps range all the way from the built-in iMessage app to the highly secure Signal messengers, with all stops in between. Many of the messaging apps are marketed as ‘secure’ or ‘protected’ messengers, touting end-to-end encryption and zero retention policies. We routinely verify such claims by analyzing the security of various instant messaging apps. It turned out that the degree of protection can vary greatly, having little to do with the developers’ claims. Today we’ll check out Confide, a tool advertising unprecedented level of security.
