{
	"id": "15b0fe90-9f0c-4d3b-8e49-9669d3271313",
	"created_at": "2026-04-06T00:11:22.309102Z",
	"updated_at": "2026-04-10T03:21:39.008166Z",
	"deleted_at": null,
	"sha1_hash": "2ed5111ad490edcdc3b7b24919b203d5459dd94c",
	"title": "ECO-1 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 45721,
	"plain_text": "ECO-1 · Mobile Threat Catalogue\r\nArchived: 2026-04-05 21:13:42 UTC\r\nMobile Threat Catalogue\r\nUnauthorized Access to Cloud Backups\r\nContribute\r\nThreat Category: Mobile OS \u0026 Vendor Infrastructure\r\nID: ECO-1\r\nThreat Description: An attacker gains access to a mobile device’s cloud backup.\r\nThreat Origin\r\nNot Applicable, See Exploit or CVE Examples\r\nExploit Examples\r\nElcomsoft Phone Breaker 1\r\nCVE Examples\r\nNot Applicable\r\nPossible Countermeasures\r\nMobile Device User\r\nTo prevent an attacker from realizing this threat, disable or do not enable cloud backups for the device, which can\r\nbe accomplished either through mobile OS settings or for enterprises, MDM device policy settings.\r\nTo increase the difficulty of an attacker gaining access to a cloud service account, enable increased authentication\r\nrequirements, such as two-factor authentication or step-up authentication when initally accessing the account from\r\nan unknown device.\r\nSome tools used to access cloud-based device backups leverage cryptographic tokens left on computers or devices\r\nused to legitimately access the cloud service (e.g., iCloud); if it is believed an attacker has had access to any such\r\nsystem, invalidate any recovered tokens they may have recovered by changing the authentication credentials for\r\nthe cloud service.\r\nAs knowledge of the authentication credentials for a cloud-based backup service may enable an attacker to gain\r\naccess, protect cloud service authentication credentials from unauthorized disclosure.\r\nhttps://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-1.html\r\nPage 1 of 2\n\nEnterprise\r\nTo prevent an attacker from realizing this threat, disable or do not enable cloud backups for the device, which can\r\nbe accomplished either through mobile OS settings or for enterprises, MDM device policy settings.\r\nReferences\r\n1. Elcomsoft Phone Breaker; https://www.elcomsoft.com/eppb.html [accessed 8/29/2016] ↩\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-1.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-1.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-1.html"
	],
	"report_names": [
		"ECO-1.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434282,
	"ts_updated_at": 1775791299,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/2ed5111ad490edcdc3b7b24919b203d5459dd94c.pdf",
		"text": "https://archive.orkl.eu/2ed5111ad490edcdc3b7b24919b203d5459dd94c.txt",
		"img": "https://archive.orkl.eu/2ed5111ad490edcdc3b7b24919b203d5459dd94c.jpg"
	}
}