Hacker released tools FBI used to crack San Bernardino attacker’s iPhone online

Devil Soul
Hacker released tools FBI used to crack San Bernardino attacker’s iPhone online
By Tech Desk
Published: February 4, 2017

Cellebrite reportedly helped the FBI get into the iPhone of one of the San Bernardino shooters.

A hacker has released the tools Federal Bureau of Investigation (FBI) used to crack one of the San Bernardino attackers’ iPhone online.

Last year, the FBI sought Apple's assistance in hacking the iPhone 5c owned by Syed Farook, a US citizen, who gunned down 14 people with his Pakistani wife Tashfeen Malik in the California city on December 2, 2015. However, Apple refused to comply with the orders, with CEO Tim Cook saying that creating such a "backdoor" would be "bad for America".

“The protection of people’s data is incredibly important, and so the trade-off here is we know that doing this could expose people to incredible vulnerabilities,” the Apple CEO said.


Following Apple's refusal, the FBI reportedly worked with Israeli mobile security firm Cellebrite and was able to access the phone and what was stored on the device.

In January, a hacker was able to break into Cellebrite's servers and stole around 900GB of data. The data, some of which was dumped online as a warning to the FBI, suggests that Cellebrite had sold its phone cracking technology to oppressive regimes such as Turkey, the United Arab Emirates and Russia.


The hacker claimed to have extracted Cellebrite's Universal Forensic Extraction Device (UFED), a small, laptop-sized device capable of pulling SMS messages, emails, and more from thousands of different mobile phone models, including older iPhones like the 5c as well as Android and BlackBerry devices.

However, it is not clear when any of this code was used in the UFED. Many of the directory names start with “ufed” followed by a different type of phone, such as BlackBerry or Samsung.


Talking to Motherboard anonymously, the hacker said, “The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch towards a more authoritarian society.”

“It’s important to demonstrate that when you create these tools, they will make it out. History should make that clear,” they continued.

This article originally appeared on Motherboard
 
https://motherboard.vice.com/en_us/...acking-tools-allegedly-stolen-from-cellebrite

Hacker Dumps iOS Cracking Tools Allegedly Stolen from Cellebrite

The hacker says this demonstrates that when organizations make hacking tools, those techniques will eventually find their way to the public.

In January, Motherboard reported that a hacker had stolen 900GB of data from mobile phone forensics company Cellebrite. The data suggested that Cellebrite had sold its phone cracking technology to oppressive regimes such as Turkey, the United Arab Emirates, and Russia.

Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools.

"The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society," the hacker told Motherboard in an online chat.

"It's important to demonstrate that when you create these tools, they will make it out. History should make that clear," they continued.

Cellebrite is an Israeli firm which specializes in extracting data from mobile phones for law enforcement agencies. The company's flagship product, the Universal Forensic Extraction Device (UFED), typically comes as a small, laptop-sized device, and can pull SMS messages, emails, and more from thousands of different mobile phone models. The investigator needs to have physical access to the phone to analyze it.

A Motherboard investigation found that US state police and highway patrol agencies have collectively spent millions of dollars on Cellebrite technology.

The hacker claimed to have taken the newly released data from a remote Cellebrite server, and said they had extracted them from UFED images. They told Motherboard that the files were encrypted, likely in an attempt to protect Cellebrite's intellectual property, but that they managed to bypass the protections.


The hacker's ASCII art, which reads "backdoorz."

"The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within," the hacker wrote in a README file accompanying the data dump. The hacker posted links to the data on Pastebin.

It's not clear when any of this code was used in the UFED. Many of the directory names start with "ufed" followed by a different type of phone, such as BlackBerry or Samsung.

In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene, a community of iPhone hackers that typically breaks into iOS devices and releases its code publicly for free.

Jonathan Zdziarski, a forensic scientist, agreed that some of the iOS files were nearly identical to tools created and used by the jailbreaking community, including patched versions of Apple's firmware designed to break security mechanisms on older iPhones. A number of the configuration files also reference "limera1n," the name of a piece of jailbreaking software created by infamous iPhone hacker Geohot. He said he wouldn't call the released files "exploits" however.

Zdziarski also said that other parts of the code were similar to a jailbreaking project called QuickPwn, but that the code had seemingly been adapted for forensic purposes. For example, some of the code in the dump was designed to brute force PIN numbers, which may be unusual for a normal jailbreaking piece of software.

"If, and it's a big if, they used this in UFED or other products, it would indicate they ripped off software verbatim from the jailbreak community and used forensically unsound and experimental software in their supposedly scientific and forensically validated products," Zdziarski continued.

A spokesperson for Cellebrite told Motherboard in an email: "The files referenced here are part of the distribution package of our application and are available to our customers. They do not include any source code."

He added that the company monitors new research from academia and the information security community, including "newly published forensic methods, research tools and publicly documented issues, including 'jailbreaks,' which enable platform research."

Cellebrite develops methods for gaining access to phones that do not change or alter data on the device, the spokesperson continued. He wrote that Cellebrite's technology is used to combat child trafficking and exploitation, sexual assault, murder, and drug and gang crime.

In its statement released in response to the initial data breach, Cellebrite only mentioned that "basic contact information" of its customers had been stolen. But as Motherboard reported at the time, the cache of data included much more.

In early 2016, the Department of Justice and Apple entered a fierce legal battle, in which the department tried to legally compel Apple to build a custom operating system that would allow investigators to bypass security protections on an iPhone. A concern at the time was that, if such an operating system was created, it could leak and become public.

Although these dumped tools may not be the most sensitive, since Cellebrite keeps its techniques for cracking more recent iPhones in-house, they do demonstrate that those worries were justified.

Researchers will likely now dig through the content for any interesting attacks or findings.

"Be careful in what you wish for," the hacker's message reads, before signing off with a piece of ASCII art, which says "Backdoorz."
Thank you so much man!