How To Extract Telegram Secret Chats from the iPhone
- Author Vladimir Katalov
- Published August 11, 2020
- Word count 540
With nearly half a billion users, Telegram is an incredibly popular cross-platform instant messaging app. While Telegram is not considered the most secure instant messaging app (this title belongs to Signal), its conversation histories do not appear in either iTunes or iCloud backups. Moreover, Telegram secure chats are not stored on Telegram servers. As a result, Telegram secret chats can be only extracted from the device of origin. Learn how to extract and analyse Telegram secret chats from the iPhone file system image.
Extraction options that do not work: Telegram cloud
Most instant messengers, including Telegram, synchronize and store communication histories in their own cloud services. Telegram maintains its own proprietary cloud service to deliver messages, synchronize user information and store conversation histories. This information is available to the law enforcement with one exception: Telegram secret chats. Telegram developers emphasize end-to-end encryption for secret chats, which makes secret chats device specific. They are not part of the Telegram cloud, they cannot be extracted with cloud acquisition and they cannot be obtained from Telegram the company with a government request.
Telegram does not store secret chats in the cloud. There is nothing to request and there is nothing to access even if one signs in with the user's credentials. However, regular chats can be extracted from the Telegram cloud or obtained with a legal request.
iTunes and iCloud Backups
Some messengers do keep their conversation histories in backups and some don't. For example, iMessages can be extracted from password-protected backups if (and only if) the Messages in iCloud option is not enabled in the device settings. With Telegram app for iOS, neither the regular conversation history nor secret chats are backed up. The conversation history is not saved to iTunes or iCloud backups; as a result, Telegram chats cannot be obtained from the device by using logical acquisition.
Telegram does not allow its conversation histories (including regular and secret chats) in local backups, even those that are protected with a password.
What does work: file system images
The complete Telegram conversation history including the content of secret chats can be only obtained from the device of origin. The working database must be extracted from a file system image obtained with agent-based or jailbreak-based extraction.
Telegram databases are stored in plain SQLite format; they are never encrypted (other than using the iOS file-based encryption feature).
Extracting and Analyzing Telegram Secret Chats
To decrypt and analyze a Telegram conversation history, open the file system image in Elcomsoft Phone Viewer (https://www.elcomsoft.com/epv.html) and use the extracted file system image to access the Telegram database.
Follow these steps to view the Telegram database:
-
Have the following readily available: file system image (.tar) extracted with Elcomsoft iOS Forensic Toolkit and the latest version of Elcomsoft Phone Viewer (EPV 5.0 or newer).
-
Launch Elcomsoft Phone Viewer and open the file system image.
-
Once the file system image fully loads, click on the Telegram icon.
-
You can now browse and view Telegram chats and other information.
Conclusion
Of the three vectors of attack (logical, physical and cloud extraction) secret chats can be only acquired via physical acquisition. Regular chats, however, can be also extracted from the Telegram cloud service or obtained via a legal request.
Vladimir Katalov is CEO, co-founder and co-owner of ElcomSoft. Vladimir manages all technical researches and product developments in the company. He regularly presents on various events and regularly runs security and computer forensics trainings.
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- Out with Fianna Fáil and Fine Gael: 230,000 Irish Children Living in Poverty
- The challenge of Cholera today
- The Ultimate Guide to 3D Animation: From Basics to Advanced Techniques
- Strategic Equipment Financing: Simplifying Capital Investments for Sustainable Growth
- Transform Your Health Journey with Able's Online Weight Loss Counseling
- Are the Crocs' shoes good for your feet?
- Your Ultimate Guide to False Eyelash Types: Find Your Perfect Match!
- Discovering Lighting Stores in Brampton: Spotlight on Fehmilights
- Blue Pacific Financial Loans
- Why is SEO for businesses on the Wirral important
- Proton Mail In Vivaldi Email
- Email Deployment
- Search Engine Marketing: Unleashing Its Power for Your Business
- Squarespace email campaigns vs Mailchimp
- Squarespace email campaigns vs Mailchimp
- Commercial Cleaning Services in Auckland: A Deep Dive into Angel Cleaning
- What is CCTLD?
- Why Women of Color Need to Support Kamala Harris
- Email Extractor from CSV
- How to download Gmail email content into a CSV file.
- Is email marketing legit?
- How SEO Can Improve Your Business?
- Mitsubishi Electric proves heat pump compatibility with microbore pipework
- Polio: Doctors Struggled to Advise the Public Correctly.
- What makes the city of Melbourne such a unique place?
- What is the role of the Royal Society of London?
- Festive Decor with a Global Twist
- Mixer of Styles, The Boho Mid Century Farmhouse
- Explore Cape Town: Group Cape Town Tours With a Private Shuttle
- Exploring Airbnb Cleaning Service in Auckland: History, Trends, and Future Implications