Cellebrite Hack Highlights Dangers of State Snooping

A hacktivist who compromised a controversial Israeli ‘security’ firm has released a new trove of information, in a move designed to highlight how easily secretly crafted backdoors can make it out into the wider world.

News emerged in January that Cellebrite had been hacked and 900GB worth of data stolen. The firm’s main product is the Universal Forensic Extraction Device (UFED), a tool designed to extract phone data, which is used extensively by US and UK police.

Now the person claiming responsibility has released files related to Android, BlackBerry and older, crackable, iOS devices.

The individual claimed to have extracted the data from UFED images, bypassing Cellebrite's encryption.

Much of the code resembles that commonly used by jailbreakers, with some of it adapted for forensic purposes, experts told Motherboard.

Cellebrite first leaped to notoriety when it was claimed that the FBI had hired it to crack the iPhone of the San Bernardino shooter, after failing via the courts to force Apple to build a backdoor.

One of Apple’s arguments against complying at the time was that if a technology company builds a backdoor in any of its products, even if that code is only shared with law enforcers, it could eventually make its way into the hands of the black hats.

As law enforcers step up their attempts to force tech firms to break the encryption many have built into products and services post-Snowden, the risk of this happening is growing by the day.

"The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society," the hacker told Motherboard via online chat.

"It's important to demonstrate that when you create these tools, they will make it out. History should make that clear."

A Cellebrite spokesperson claimed no source code was stolen in the attack.

Tony Gauda, CEO of endpoint security firm ThinAir, argued that the Cellebrite breach is a “privacy advocate’s nightmare come true.”

“While the legitimacy of the files leaked today hasn’t been confirmed, this incident is a clear example of why backdoors are seen as a double-edged sword by members of the technology community,” he added. “Software exploits that allow law enforcement to exfiltrate data during criminal investigations become extremely dangerous when in the wrong hands, and firms such as Cellebrite must acknowledge the huge target they have on their backs.”
