Recently an unknown hacker steals and leaks iPhone cracking tools and hacker claims to have accessed some data from security firm which is hired by FBI to unlock San Bernardino shooter’s iPhone 5c.
Hacker Leaks iPhone Cracking Tool Used by FBI
The case was very popular in world because it put Apple and US government face to face. At the same time government tried to force the Cupertino company to create a “security hole” in iOS given the pressure by agencies to rummage through iPhone of San Bernardino terrorist.
Tech giant Apple denied tracking phone because it is against their policies which led US services to hire Israeli company to hack into iPhone and provide access to information. Now it is reported that same security company is a target of a hacker attack.
Apple always refused to create “GovtOS” ( the name given to the system that the company would have to develop with a failure to access the data). This action could have caused a dramatic effect in iOS because it would’ve created a master-key to unlock iPhone. This takeover by the company could fall into wrong hands and cause serious damage to the company.
Then the FBI have hired the Israeli company Cellebrite that has managed to breach the iPhone 5C’s security and made the data available to investigate the terrorist act.
“in mid-January a hacker stole 900GB of Cellebrite data, suggesting that the company sold its spy technology to the government of Turkey, the United Arab Emirates and Russia.”, reported by Motherboard
It seems to be that security company which was hired to break into phone become a victim of its own activity and hacker responsible for the theft published the package of files allegedly diverted and recovered from old Android devices and BlackBerry and iPhone too.
The hacker who is in question referred to Motherboard, “the debate around backdoors will not go away. Instead, it will almost certainly become even more intense as we move into a more authoritarian society. It is important to demonstrate that when these tools are created, they will eventually get ‘leak’. The story should make that clear”.
In general terms, the Cellebrite is a company specializing in smartphone data extraction and its main clients the intelligence agencies. The product was the Universal Forensic Extraction Device (UFED), a piece of software that when it get installed on a particular device and connected to a phone, has the ability to extract SMS, emails, private data and more.
Published data also revealed that police forces and other US security agencies those who have spent millions of dollars on technology marketed by Cellebrite.
Allegedly, the data was stolen by the hacker from a remote company server, extracting it from the UFED images. The files were encrypted, but everything was properly resolved by him.
Apart from the various information that he left, the hacker said he noticed that many of the codes related to Apple’s mobile operating system are similar to those used by the jailbreak community.
Security researcher Jonathan Zdziarski, after analyzing the information, confirms what was secured by the hacker, and also agreed with the assessment made that there are some iOS files practically identical to the tools created and used by the jailbreak community, including versions Apple firmware patches designed to break down security mechanisms on older iPhones.
In its defense, Cellebrite told Motherboard that “referenced files are part of the package distributed to applications and are available to our consumers,” and that “they do not include any source code.” But it seems that the packet released contains much more data.
This attack is right for Apple when it stated that by creating such security hole in its OS sooner or later they can become a victim of a huge crime scene.
No comments:
Post a Comment