Cellebrite iPhone hacking tools selling on eBay for as little as $100

Posted:
in iPhone edited February 2019
Meant to be used only by law enforcement, Cellebrite hacking tools for iPhones and other smartphones are reportedly selling on eBay for sums as low as $100.

Image Credit: AFP/Getty Images
Image Credit: AFP/Getty Images


The most expensive the used hardware gets is $1,000, Forbes said on Thursday. Cellebrite sells new systems for $6,000 or higher.

The forensic data firm is sending letters to clients warning them against reselling its hacking tools, given the potential for illegally breaking into private data. Nominally the equipment is expected to be sent back to Cellebrite -- serious concerns have been raised given that people within or connected to police agencies are not only putting the tools in the hands of unknown persons, but potentially leaking case data if it hasn't been wiped.

One security researcher, Matthew Hickey, recently bought a dozen such units and discovered data on what devices were searched and when, and the forms of data that were extracted. That includes IMEI numbers, which could be used to track down an individual phone.

The devices could even contain chats and contact lists, Hickey said, though he chose not to explore that material.

Still more worrisome is the possibility that Cellebrite's tools could map out vulnerabilities it hasn't shared with Apple and other vendors. Apple tends to close exploits used by forensics firms as soon as it discovers them, since they could just as well be used illegally.

Cellebrite is famously believed to be the third party the FBI turned to crack the iPhone 5c of San Bernardino killer Syed Rizwan Farook. The FBI and Department of Justice had been insisting that they needed Apple to code a backdoor, but were met with active opposition by CEO Tim Cook and others, who argued that the company would have to fundamentally compromise the security of iOS -- precisely because backdoors could be leaked or shared by government agencies, or else discovered independently.

Various U.S. officials have complained that Apple's insistence on end-to-end messaging encryption and full-disk encryption for devices is causing its products to "go dark" to law enforcement and spy agencies. The battle has in fact gone global, with the "Five Eyes" intelligence network -- including Australia, Canada, New Zealand, the U.K. and the U.S. -- claiming that "privacy is not an absolute," and hoping for legislation that can bypass encryption, despite complaints from tech companies, privacy advocates, and the public.
«1

Comments

  • Reply 1 of 22
    Good night and sleep tight. Your government will make sure that the hacker tools they employ will never get into the wrong hands. 

    https://www.featuredcustomers.com/vendor/cellebrite/customers
    cornchipracerhomie3chasmwatto_cobra
  • Reply 2 of 22
    This is bizarre.
    watto_cobra
  • Reply 3 of 22
    AppleExposedAppleExposed Posts: 1,805unconfirmed, member
    Isn't it only successful for iOS 10 and earlier?
    watto_cobra
  • Reply 4 of 22
    lkrupplkrupp Posts: 10,557member
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    anantksundaramcaladanianchasmberndogleavingthebiggStrangeDayswatto_cobrajony0
  • Reply 5 of 22
    Do not hold your breath. I saw one in use in an Apple Store to transfer the customer's Android phone data to the iPhone.
    watto_cobra
  • Reply 6 of 22
    The government does not have an absolute right to exploit personal privacy.   Immigration currently has the authority to "inspect" anyone crossing the boarder including US citizens and this includes any computer.  With devices like these they can scoop up all of your data in a few minutes, return your device and then sort through it all at their leisure.  Despite claims of security over this information, people are people and data will  be leaked, as highlighted by recent IRS personnel releasing tax information.  

    These devices and hacks are extremely dangerous for citizens and governments alike as then no information is safe.
    viclauyycwatto_cobra
  • Reply 7 of 22
    MplsPMplsP Posts: 3,911member
    Good night and sleep tight. Your government will make sure that the hacker tools they employ will never get into the wrong hands. 

    https://www.featuredcustomers.com/vendor/cellebrite/customers
    I don't know if there's any way of verifying where these devices came from, but I fault Celebrite for this. It would have been far more secure if they and required the devices to 'phone home' and get authorization before use but they decided to sell them as unlocked devices, so after they left the warehouse, who knows where they went.
    watto_cobra
  • Reply 8 of 22
    MplsPMplsP Posts: 3,911member

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    lolliverwatto_cobra
  • Reply 9 of 22
    MplsP said:

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    I was checking out the listings. The majority of them say expired license key. Most seem to be on outdated software so they are probably useless on newer iPhone's. I did visit Cellebrite's website and was looking at the services they provide. Their website says they can unlock data from iPhone's on iOS 5 to iOS 11. 
    edited February 2019 lolliverracerhomie3MisterKitwatto_cobra
  • Reply 10 of 22
    Of course they are, this is why you can't have a "backdoor" in any kind of secure system. Eventually the laws of capitalism take over and it eventually becomes public knowledge.

    Which is exactly what happened to RIM's master key for their messaging platform.
    racerhomie3chasmMisterKitStrangeDayswatto_cobra
  • Reply 11 of 22
    lkrupplkrupp Posts: 10,557member
    MplsP said:

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    If I understand correctly how these things work they do so by brute force passcode attempts after bypassing Apple’s limitation on how many attempts can be made before locking. With a four digit passcode the phone can be unlocked in a relative short amount of time. I personally have a seven digit passcode so it would take considerably more time. iOS allows an alphanumeric passcode which would make it all but impossible to brute force attack if that passcode was a good and long one. So it stands to reason that someone whom a government would be interested in would have already switched to an alphanumeric passcode. It’s the petty criminals who are usually also dumb about technology. 
    caladanianMisterKitmuthuk_vanalingamwatto_cobra
  • Reply 12 of 22
    lkrupp said:
    MplsP said:

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    If I understand correctly how these things work they do so by brute force passcode attempts after bypassing Apple’s limitation on how many attempts can be made before locking. With a four digit passcode the phone can be unlocked in a relative short amount of time. I personally have a seven digit passcode so it would take considerably more time. iOS allows an alphanumeric passcode which would make it all but impossible to brute force attack if that passcode was a good and long one. So it stands to reason that someone whom a government would be interested in would have already switched to an alphanumeric passcode. It’s the petty criminals who are usually also dumb about technology. 
    If they didn’t know before, they learn when they see these kind of stories on the news. 

    watto_cobra
  • Reply 13 of 22
    This is why you don’t want vulnerabilities left unpatch, which governments do by not reporting them.  
    The bad guys can reverse engineer the tools used by law enforcement.  Or, just steal the tool and sell it...
  • Reply 14 of 22
    maltzmaltz Posts: 453member
    Great!  Apple can buy one and patch the holes it uses, if they haven't already.
    MisterKitwatto_cobra
  • Reply 15 of 22
    lkrupp said:
    MplsP said:

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    If I understand correctly how these things work they do so by brute force passcode attempts after bypassing Apple’s limitation on how many attempts can be made before locking. With a four digit passcode the phone can be unlocked in a relative short amount of time. I personally have a seven digit passcode so it would take considerably more time. iOS allows an alphanumeric passcode which would make it all but impossible to brute force attack if that passcode was a good and long one. So it stands to reason that someone whom a government would be interested in would have already switched to an alphanumeric passcode. It’s the petty criminals who are usually also dumb about technology. 
    This is one fo the things I wish Apple would address: if I have a 4 digit passcode on my phone and the keypad comes up it shows 4 dots above, one for each digit.  If I have a 6 digit passcode there are 6 dots, etc. But if I have an alphanumeric passcode a box appears with no indication of how one the passcode is. It could still be 4 digits but it wouldn’t be immediately obvious.  

    But on my Apple Watch, if I have a 4 digit passcode it shows (or used to anyway) 4 dots (or something similar). But changing that to a 6 digit passcode is more akin to the alphanumeric passcode on the iPhone, it just shows a blank area that expands the more you tap in the code, there is no indication as to how long the code is.

    It would be nice if even a 4 digit passcode was made slightly more obscure for if your phone is ever lost/stolen/confiscated.
    watto_cobra
  • Reply 16 of 22
    knowitallknowitall Posts: 1,648member
    Good night and sleep tight. Your government will make sure that the hacker tools they employ will never get into the wrong hands. 

    https://www.featuredcustomers.com/vendor/cellebrite/customers
    In the Nerherlands we have the infamous quote from mr Colijn right before Germany invaded Holland (WWII) “Gaat u maar rustig slapen” (“all is well you can sleep without worries ...”)
    Government can never be trusted if allone because of utter stupidity.
    wonkothesane
  • Reply 17 of 22
    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    No it does not mean that. It only means that there are suckers who follow scum. How many times somene purchased something that does not work? Also that could mean that someone injects tools that by themsleves are malware or device for surveillance. I would guess that some limited functionality might be there and could be blocked eaisly, but someone tries to get access to nefarious actor's equipment.
  • Reply 18 of 22
    Tim Cook's point painfully being made over and over.
    jdgarvin50watto_cobra
  • Reply 19 of 22
    genovelle said:
    lkrupp said:
    MplsP said:

    lkrupp said:
    This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 
    Do we know if they even work on a device with iOS 12? that may be why the dump - Apple updated iOS and they're suddenly useless.
    If I understand correctly how these things work they do so by brute force passcode attempts after bypassing Apple’s limitation on how many attempts can be made before locking. With a four digit passcode the phone can be unlocked in a relative short amount of time. I personally have a seven digit passcode so it would take considerably more time. iOS allows an alphanumeric passcode which would make it all but impossible to brute force attack if that passcode was a good and long one. So it stands to reason that someone whom a government would be interested in would have already switched to an alphanumeric passcode. It’s the petty criminals who are usually also dumb about technology. 
    If they didn’t know before, they learn when they see these kind of stories on the news. 

    Blaming the media for security, eh?
  • Reply 20 of 22

    Do not hold your breath. I saw one in use in an Apple Store to transfer the customer's Android phone data to the iPhone.
    I’m quite certain you did not see one of these devices being used for that purpose. 
    watto_cobra
Sign In or Register to comment.