Last year, there was a huge battle between Apple and the FBI in regards to iOS security. Specifically, the FBI asked Apple to compromise iOS security in order to get into the San Bernardino shooter’s iPhone 5c. The FBI then turned to Cellebrite to get into the phone. Now, Motherboard reports that a hacker has released files allegedly from Cellebrite that demonstrates how such tools can be dangerous.
The hacker claimed to have taken the newly released data from a remote Cellebrite server, and said they had extracted them from UFED images. They told Motherboard that the files were encrypted, likely in an attempt to protect Cellebrite’s intellectual property, but that they managed to bypass the protections.
Motherboard reports that Cellebrite had over 900GB of files stolen from its server last month which suggests that the firm sold cracking tools to Russia, Turkey, the UAE, and many others. Motherboard adds that the hacker responsible released some cached files from Cellebrite relating to cracking older iPhones.
Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools. […]
“It’s important to demonstrate that when you create these tools, they will make it out. History should make that clear,” they continued.
The report notes, however, that the tools would require physical access to the phone. Motherboard‘s sources say that it is able to steal data from Cellebrite’s servers and break encryption to gain access to encrypted data.
In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene—a community of iPhone hackers that typically breaks into iOS devices and release its code publicly for free.
While the cracking tools such as the one used in the San Bernardino iPhone case hasn’t leaked, it does show the dangers of creating such tools.
