Suspected San Bernardino iPhone penetrators Cellebrite fall victim to server hack

Cellebrite, the Israeli digital forensics firm thought to have provided the FBI with assistance to break the security of the San Bernardino shooter's iPhone, has confirmed it has been the victim of a security breach of one of its servers.




A notice on Cellebrite's website about the breach explains that it took place on an external web server, and that the company is investigating the full extent of the breach before taking steps to harden its security. Cellebrite admits the attacked server was used to hold a "legacy database backup" of the company's own end user license management system my.Cellebrite, which it has already migrated away from.

The details accessed from the database include basic contact information for users registered for alerts, and hashed passwords for users who are not yet migrated over to the new system. While Cellebrite claims it is unaware of "any specific increased risk" to customers, it does advise account holders to change their passwords as a precautionary measure.

The intruders may have gotten away with a lot more than Cellebrite is advising, as Motherboard claims it has obtained approximately 900 gigabytes of data related to the company, believed to have been sourced in part from Cellebrite's servers. The data cache contains more than just customer information, with technical data about Cellebrite's products and evidence files from seized mobile phones allegedly included in the haul, though it is unclear if details of device vulnerabilities were present.

Cellebrite is best known for its mobile forensics work, which was allegedly put to the test by the FBI with the San Bernardino shooting. It is believed the FBI used Cellebrite's technology to acquire data from shooter Syed Rizwan Farook's iPhone 5c running iOS 9, bypassing the passcode lock to gain entry.

While neither Cellebrite nor the FBI has confirmed working with each other on the digital assistance, it is believed the FBI paid less than $1 million to obtain a zero-day vulnerability, with Cellebrite the most likely recipient of the payment. The events of San Bernardino proved profitable to Cellebrite in other ways, with reports that the Indian government has also bought rights to use the company's technology.

Last month, a leak demonstrated how far Cellebrite's tool could go in acquiring data from an iPhone. While it was able to pull out a lot of data potentially helpful to a police enquiry, it is noted that the iPhone used was not protected by a passcode, leaving data unencrypted and easier to access.

Comments

  • Reply 1 of 15
    Karma?
  • Reply 2 of 15
    thrang Posts: 1,007 member
    CellNotSoBrite
  • Reply 3 of 15
    rob53 Posts: 3,241 member
    "the attacked server was used to hold a "legacy database backup" of the company's own end user license management system my.Cellebrite" Not a bad server to hack to determine who has been using Cellebrite's products. Could easily be used to justify an investigation into the FBI to see if any laws were broken. (heaven forbid someone as truthful as Comey ever did anything illegal)
  • Reply 4 of 15
    It's an armaments heist and methodologies heist. It's like Soviets stealing American radar information to see where the US was looking and more importantly where they were not.
  • Reply 5 of 15
    Oh great. So my personal information is relatively safe from hackers while in my possession, but once the police access it, that information is stored in a way that hackers can get it.

    If one had paranoid leanings, this could be interpreted as an argument against allowing law enforcement access to protected devices.

    Or maybe I'm reading too much into this. I don't know enough about the subject to offer a meaningful opinion.
  • Reply 6 of 15
    mtbnut Posts: 199 member
    longpath said:
    Karma?
    No, better: schadenfreude
  • Reply 7 of 15
    The hackers have been hacked. They reaped what they sowed. 

    Perhaps it's best to try and stay offline. Or maintain a low profile.
  • Reply 8 of 15
    What a laughable bunch of morons. 

    Yeah, I'd sign them up for sensitive work...
  • Reply 9 of 15
    Looks like a job for Mossad.
  • Reply 10 of 15
    rcfa Posts: 1,124 member
    Live by the sword, die by the sword...
  • Reply 11 of 15
    wigby Posts: 692 member
    What a laughable bunch of morons. 

    Yeah, I'd sign them up for sensitive work...
    At least they came clean. Any cybersecurity expert will tell you that every single company and individual has been hacked in some way.  Most don't even know it yet and the ones that do will not admit it for fear of lawsuits and being forced to spend money and take action. Welcome to the hacked club Cellebrite.
  • Reply 12 of 15
    One more reason not to grant back-door privileges to iPhone to governments. Hackers are expressly targeting the files of those with back-door keys.
  • Reply 13 of 15
    macxpress Posts: 5,801 member
    To me this is why something like having a more easily hackable iOS device is very dangerous. Sure, maybe Apple creates a device that's slightly easier to get into (or is forced to), and this could be the result. A contractor such as this company is able to get into the device and extract the data. Well that data has to be stored somewhere and it's only a matter of time before it gets hacked into. Now you have what could be sensitive information out in the wild or maybe just someone's personal information. The naysayers of Apple locking down their device forget what could be on someone's device. It's more than just photos, messages, and emails.
  • Reply 14 of 15
    brakken Posts: 687 member
    The hunter becomes the hunted.

    FBI: *hint*
  • Reply 15 of 15
    wigby said:
    What a laughable bunch of morons. 

    Yeah, I'd sign them up for sensitive work...
    At least they came clean. Any cybersecurity expert will tell you that every single company and individual has been hacked in some way.  Most don't even know it yet and the ones that do will not admit it for fear of lawsuits and being forced to spend money and take action. Welcome to the hacked club Cellebrite.
    Only experts who want to sell you protection make that claim. That's like saying every human has been hacked with a virus when what you really mean is you got the flu. 