Elcomsoft Phone Breaker 11.03: universal binary for Macs, SMS two-factor authentication restored

Elcomsoft Phone Breaker 11.03 ships as a universal binary for macOS, running natively on both Apple Silicon and Intel Macs. The update also restores iCloud sign-in with SMS as the second factor, and removes the pre-login 2FA status check that Apple no longer supports.

One installer for every Mac

After the large-scale rework of recent versions, the macOS build shipped as a ZIP archive containing two separate installers – one for Intel, one for Apple Silicon. That's over. Version 11.03 is a single universal binary that runs natively on either architecture. Download, install, done.

SMS two-factor authentication works again

Signing in to an Apple Account with an SMS code had been broken for a while, leaving trusted-device approval as the only working path. Forensic experts relied on that SMS flow, so we fixed it. It works now – but we still strongly recommend against it. SMS-based sign-in attempts are more likely to get the account flagged or locked, so if a trusted device is available, we strongly recommend using it.

No more pre-login 2FA check

There used to be a way to check whether two-factor authentication was enabled on an Apple Account before actually signing in. That made sense back when plenty of accounts had no 2FA at all, and the check saved a step. Apple has since closed that method, the preliminary "check" login started failing, Elcomsoft Phone Breaker reported an incorrect password, and the attempt still triggered a notification on the user's devices.

We removed the check-in login altogether. Sign-in now goes straight to standard 2FA authentication.

Availability

The update is free of charge to all customers with a valid license. Windows and macOS editions are available with separate licenses. Discounted renewal is available to customers whose free update period has already expired.

Release notes:

  • macOS version: universal binary for Apple Silicon and Intel Macs
  • iCloud: fixed iCloud login using SMS authentication
  • iCloud: removed the pre-login 2FA status check (Apple no longer exposes this data, so sign-in now always goes straight to standard 2FA authentication)

Mais