TotalRecall shows how easily data collected by Windows Recall can be stolen

Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal sensitive information.

TotalRecall Windows Recall abuse

TotalRecall results (Source: Alexander Hagenah)

Copilot+ Recall and its security pitfalls

On May 20, Microsoft announced a new line of Windows 11-powered PCs called Copilot+. Among its previewed features was Recall, which was immediately viewed with suspicion by security professionals and privacy-minded users.

Copilot+ Recall takes snapshots of the computer’s screen ever few seconds (some things can be excluded), encrypts and stores the snapshots locally, uses optical character recognition (OCR) to extract relevant information that users may search for later, and and stores this data locally in an SQLite database, in plain text.

In theory, only the user may access it when logged into the computer. In practice, though, info-stealing malware and hackers can access it, and so can other users on the same device.

Security researcher Kevin Beaumont tested the feature and proved that the exfiltration of Recall databases can be automated.

“Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds,” he said.

“During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.”

He also criticized Microsoft for enabling the feature by default and putting the onus on users to disable it, as well as pointed out that even if Recall is switched off, attackers can easily switch it on with Powershell without the user noticing.


Hagenah was initially motivated by curiosity: he wanted to know what he could do with the feature, whether he could abuse it, and wanted to check for himself whether it would be safe to use. But once he determined that it wasn’t, he thought it important to raise awareness with the public. “They should know it can be dangerous,” he told Help Net Security.

TotalRecall finds the Recall database, copies the taken screenshots and the SQLite database to an extraction folder, parses the databases for artifacts specified by the user (e.g., passwords, search terms, credit card info, etc.), and then delivers a summary that includes those artifacts.

He does not plan to make changes to the tool. “The PoC stands as is. I am just super curious about what MS will do before launch of Recall,” he told Help Net Security.

Copilot+ Recall is scheduled to be released on June 18, 2024. If Microsoft does not decide to delay it or scrap the whole thing (which is unlikely), it is to be hoped that it will make changes to address these egregious security failings.



Don't miss