Urgent Notice! The Leakage of The Backup Data in iOS 10

Urgent Notice! The Leakage of The Backup Data in iOS 10

Recently, there have been reports of iOS10 system that the data backup of iTunes has some issues. Besides, for the data security, you’d better read this article if you are the iOS user.

Has your iPhone been attacked?

Perhaps you will think that the iOS is the most closed and the most secure system, but recently, the Russian IT security and digital forensics company- ElcomSoft pointed out that it is easier than the past few years to crack iOS10 system iTunes backup files in the new iOS10 system. The reason is that the iOS10 system has used a new password authentication method.

The new password mechanism of iOS10 will skip some specific security check steps, compared with the previous iOS version, the efficiency of crack iOS10’s password has increased 2500 times. And the most importantly, the new backup mode and the old backup mode is coexistent.

When we back up the data, the iTunes encrypted backup files can be protected through the password on the Mac or PC. But according to the previous data survey, it may be forced to crack through some password cracking software, resulting in some data loss.

If you are a businessman, or you have a confidential document which can not be leaked out, then you should pay more attention! Moreover, as for the iPhone user, we usually use iTunes to back up our phone data - The new iTunes12 Tutorial. But if you will not use iTunes to back up your data, the most secure way is to transfer your phone data to the computer for backup through other iPhone transfer software.

Elcomsoft is a company specializing in accessing to iPhone data in some softwares. Meanwhile, if an attacker gets an iTunes backup password, it means that they have access to all the data on the phone, including all the information stored in the keychain. Here’re the specific test results of Elcomsoft.

iOS 9 (CPU): 2400 times per second (Intel i5)
iOS 9 (GPU): 150000 times per second (NVIDIA GTX 1080)
iOS 10 (CPU): 6000000 times per second (Intel i5)

We can clearly figure out that the iOS 10 attack speed is 2499 times higher than the iOS9 system. One can imagine, there will be many problems!

It contains a lot of sensitive data in the iOS backup files, which stored in the iPhone, including all the passwords, phone numbers and other information. On the other hand, have you met the situation that you forget your phone password? If yes, for your referring, you can get the help of The Phone Recovery Expert.

Elcomsoft said that they can try 6 million of passwords in a second, to access to the correct password probability of 80% to 90%. Therefore, this will increase the violent attacks crack speed in the mobile phone system.

At present, Apple has acknowledged this issue in the statement, although they said the problem will not affect the iCloud backup, users still need to ensure that their computer has a strong password protection, which can only be accessed by authorized users.

At the same time, I believe that this problem will soon be resolved, before that, we all have to learn to protect our data, to prevent leakage of some confidential documents.