In our initial blogpost about “Operation Triangulation”, we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, we developed a dedicated utility to scan the backups and run all the checks. For Windows and Linux, this tool can be downloaded as a binary build, and for MacOS it can be simply installed as a Python package.
How to back up your device
Windows
On Windows, the easiest way to do a backup is via iTunes:
Connect your device to a computer that has iTunes installed. Unlock your device and, if needed, confirm that you trust your computer.
Window asking to trust the computer
Your device should now be displayed in iTunes. Right click on it and press “Back Up”.
The created backup will be saved to the %appdata%Apple ComputerMobileSyncBackup directory.
macOS
If your macOS version is lower than Catalina (10.15), you can create a backup using iTunes, using instructions for Windows. Starting from Catalina, backups can be created through Finder:
Connect your device to the computer and, if needed, confirm that you trust the computer.
Your device should now be displayed in Finder. Select it and then click “Create a b ..
Support the originator by clicking the read the rest link below.
