Prominent phone-hacking firm says it can unlock any iPhone for law enforcement

William Hook/Flickr (CC-BY-SA)

BTW

A prominent cellphone-hacking firm publicly announced Friday that it can now break into any iPhone, as well as leading Android models.

Cellebrite, an Israeli forensics company that sells to law enforcement, military, and intelligence agencies, revealed its new capabilities in a Twitter post advertising its Universal Forensic Extraction Device (UFED) product.

On Friday, the company wrote that the product was “an exclusive solution for law enforcement to unlock and extract data from all iOS and high-end Android devices.”

A description on Cellebrite’s website states that the tool can not only hack into any Apple device running the current iOS 12.3, released just last month, but also Android devices–such as the Samsung Galaxy S9.

“Bypass or determine locks and perform a full file system extraction on any iOS device to get much more data than what is possible through logical extractions and other conventional means,” the company boasts. “Gain access to 3rd party app data, chat conversations, downloaded emails and email attachments, deleted content and more, increase your chances of finding the incriminating evidence and bringing your case to a resolution.”

Concerns have been raised, however, that such tools could fall into the hands of criminals or oppressive governments. In fact, older Cellebrite cellphone-hacking products are widely available on sites like eBay.

Cellebrite’s announcement also signals a shift in policy for cellphone-hacking services that have previously kept their capabilities a secret. Several experts told Wired that companies are taking a more public approach in order to obtain new customers in an increasingly competitive market.

In 2015 and 2016, Apple famously refused to unlock one of the San Bernardino shooter’s phone for the Federal Bureau of Investigation (FBI). This led the FBI to bypass Apple and hire a third party to successfully unlock the phone.

Apple is constantly attempting to find and patch vulnerabilities that allow companies like Cellebrite to circumvent their security measures.

A security update issued by Apple last year was able to temporarily protect its phones from a similar tool known as GrayKey, sold by U.S.-based company Grayshift. It is believed, though, that the firm has since developed methods to gain access to some versions of iOS 12.

READ MORE: 

Got five minutes? We’d love to hear from you. Help shape our journalism and be entered to win an Amazon gift card by filling out our 2019 reader survey.

H/T Wired

Mikael Thalen

Mikael Thalen

Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.