Cellebrite, Company That Helped FBI To Hack An iPhone Used By The San Bernardino Attacker Got Hacked, iPhone Hacking Tools Leaked Online

If you remember, after San Bernardino terrorist attack, which took place during late 2015, FBI asked Apple to unlock the iPhone 5c used by one of the attackers, in an effort to uncover evidence that could give the police new findings of the case.

Apple responded by stating that it can’t help the FBI because if the company made the potential unlock tool, the tool could make iPhone security encryption obsolescent if ended in wrong hands. FBI tried to make Apple unlock the iPhone by a couple of court orders, but the Cupertino giant refused to do so because of its users.

At the end, FBI managed to hack into the iPhone and unlock the device. Apple chose to not cooperate so the FBI turned to one Israeli company, Cellebrite, which managed to develop tools able to breach the iPhone thus allowing FBI to snoop through the attacker’s device.

Apple’s CEO, Tim Cook, stated in an interview with ABC’s David Muir that creating iPhone Backdoor for FBI would be ‘Software Equivalent Of Cancer.’

Cellebrite is a company specialized on developing tools used by law enforcement agencies to extract data from mobile phones. The firm’s most popular product is called Universal Forensic Extraction Device (UFED); UFED looks like a small laptop and is capable of hacking thousands of phone models.

After connecting the device to a mobile phone, the UFED can transfer emails, SMS messages, personal data, and more. The Israeli firm sold its tech to many agencies, with the US state police and highway patrol agencies spent millions of dollars on Cellebrite products alone.

Cook’s words now gained, even more, weight after reports started circling about Cellebrite’s servers being hacked, with attackers stealing 900 GB of data. Some of the data include documents proving that the company sold its iPhone hacking tools to the governments of Turkey, the United Arab Emirates, and Russia.

But that’s not the worst thing. The hacker who breached servers also managed to snag the tool used by the company to breach iPhone’s security. The hacker responsible for the attack publicly released a collection of files related to Blackberry and Android devices; the files regarding the iPhone hacking tool were also published.

The hacker stated to Motherboard that “The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society,” and that “It’s important to demonstrate that when you create these tools, they will make it out. History should make that clear.”

The hacker claims that the group responsible hacked a remote Cellebrite server; although the files were protected, the group managed to bypass the defenses. The data collection is accompanied with a README file in which hackers explain that “The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within.”

Much of the files are similar to those used by people in the jailbreak scene, for hacking older iPhone models.

Cellebrite responded by saying that “The files referenced here are part of the distribution package of our application and are available to our customers.  They do not include any source code.”

Leave a Reply

Your email address will not be published. Required fields are marked *