Hacker Steals 900 GB of Cellebrite Data

An anonymous reader shares a Motherboard report: Motherboard has obtained 900 GB of data related to Cellebrite, one of the most popular companies in the mobile phone hacking industry. The cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products. The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies. Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone.

Sweet.

[zenlessyank]

2 sets of rules works for no one.

Re:Good

[Oswald+McWeany]

Bad people suck.

Good people swallow.

Re:Seriously?

[mlts]

Because security has no ROI...

Good... Good....

[freeze128]

Millions of souls laughed and laughed at this breach, until they realized that the hack could contain their own data.

Re: Two questions

[cyber-vandal]

You could read the summary at least.

Re:Two questions

[fbobraga]

Please, read at least a good part of the summary before posting: it's talking about a company, not people

Too bad they didn't publish the data.

[volodymyrbiryuk]

Too bad they didn't publish the data.

Pot meet Kettle

[nehumanuscrede]

This is a company who specializes in selling products whose purpose is to bypass built in protections in order to gain access to others data without permission.

Am curious how they feel when it happens to them.

Re:Pot meet Kettle

[BlueStrat]

Am curious how they feel when it happens to them.

i'm sure mossad will ensure we never know.

If the hacker(s) is/are smart the first thing he/they did was set up multiple deadman caches of the data that would automatically splash the data all over the web and physically send multiple copies of the data by multiple means/routes to multiple news/press/media outlets across the world if anything happened to them, as insurance against any possible reprisals/arrests/etc. I would, and I'm no uber-1337 h4x0r. Just in no hurry to find out if there's an afterlife or if my cellmate's name would actually be 'Bubba'. :)

Strat

Re:Pot meet Kettle

[zlives]

i am sure they feel great about the publicity that they can hack "successfully" data on phones. I mean it took FBI like months to figure out to use them.

Re:Pot meet Kettle

[Xest]

I'm actually rather concerned that contrary to the implication in the summary that this is no longer simply citizen hacking but in fact escalation of state sponsored hacking. It seems we're beginning to find out more and more that nation states are engaged in hacking from the hacks we know about for sure such as the North Korean hack of Sony, through to the ones that we can make a reasonable assumption on such as the Russian hacks of the DNC (even Trump finally said on Wednesday he thinks it was the Russians), through to those we simply don't know about.

Even if we step back a few years we had the Syrian cyber army being quite active in it's hacking attempts. Given that Syria worked closely with North Korea on their attempted nuclear program (Syria's nuclear program destroyed by Israel in 2007 was shown to be a clone of North Korea's) then would it really be far fetched to assume that given that North Korea also has strong offensive hacking capabilities that it wasn't engaging with them on that too? Similarly the UEA ClimateGate hack was eventually believed based on analysis to be an act by Russia as it was carried out just days before a major climate conference in 2009 that sought to reduce emissions by cutting fossil fuel use - far and away the foundation of Russia's entire economy so they had clear interest also in sabotaging such an agreement and it worked, the conference was largely a failure as a result.

Of course it's not one sided, we know about Stuxnet being a likely US-Israeli attack, and we know that the five eyes countries have been engaging in these sorts of things for years thanks to the revelations by Snowden. I'm not saying it's just some countries or others doing it, on the contrary, I think everyone is doing it. Frankly I suspect at least some of the purported hacks by anonymous were merely just nation states using the broad anonymous idea as cover for their actions.

Could this Cellebrite hack for example be revenge by Iran for Stuxnet? At this point I do not think that's far-fetched for one minute, though hopefully time will tell.

My concern is that this is getting out of control. How long before this escalates and what we once laughed at as being paranoia, the idea of "cyber war" becomes a reality and someone decides to break a damn, or overload a powerplant? Ukraine already saw last year an outage on their powergrid because of hackers. Thankfully I believe no one died, but how long before someone does and it stops just being a cyber war?

We're learning more and more about this and so far solutions
have been purely political and diplomatic. A couple of years back we were seeing constant hacks on the US from China, and this died down - I saw an article recently explaining what happened, and it turns out that there was more than meets the eye to the US charges against 5 Chinese mentioned here:

https://www.justice.gov/opa/pr...

The images that the US used for these arrest warrants were apparently personal images the US themselves had stolen from these Chinese general's laptops after their own hacks against them. The effect was to send a public message to the Chinese that "we can do it too" and it seems to have been succesful as China/US relations on this front seem to have significantly improved and this seems to have been the driver for the China/US cyber agreement agreed late last year. It appears the Chinese cyber command got spooked when they saw their own non-publicly available data used to provide pictures in arrest warrants against them and forced a whole Chinese reconsideration of the issue.

It's clear therefore that increased state hacking isn't merely the paranoia that people once thought it was and that it's generally becoming more prolific, or at least, we're becoming far more aware of it as time goes on and more information is released. So the point I was going to make in reply to your post was this - I'm

Re:Pot meet Kettle

[BlueStrat]

I'm actually rather concerned that contrary to the implication in the summary that this is no longer simply citizen hacking but in fact escalation of state sponsored hacking.

As true as the things you bring up may be re: State-sponsored hacking, none of that really matters and nor will anyone in the US/Five-Eyes nations be able to appreciably change things until spying on domestic populations by their respective domestic governments in those nations is halted/brought under control. That, by far, is the most immediate and proximate threat, and the most likely to directly and negatively affect the average person in those nations as they try to change the status quo. It is domestic spying that supports companies like Cellebrite, after all, as there logically must be orders of magnitude more cases of the US and other Five-Eyes nations wanting/requesting tools for their domestic use than there are opportunities for use against foreign targets of interest.

Regaining control over Western domestic governments and their intelligence agencies will go far towards being able to control such State sponsored hacking operations as those you refer to and, I would argue, a necessary prerequisite for any meaningful change to occur.

Strat

Re:Pot meet Kettle

[Xest]

I think you're right, but I think it's a similar situation across the globe - realistically spy agencies in Russia, China and so forth shouldn't be doing those things to innocent citizens either so I don't think it's entirely a Western problem.

I think it's a general issue here that governments need to get together and accept that they all need to reign in their agencies before shit really does hit the fan with some mutual agreement to start actually following the Universal Declaration of Human Rights (that governs against this sort of thing), and to start governing cyber operations against each other in the same way military operations are governed against each other - i.e. it's not just some routine thing you do on a whim, and that there are consequences for it.

I mean, let's be clear, the sort of shit you are describing already has in some countries has profoundly damaging real world consequences - the whole arab spring started in Tunisia precisely because overreaching security services eventually pushed one man just that bit too far for example.

So you're absolutely right to point out that uncontrolled security services can cause more harm than good if they are not reigned in appropriately, and if left to go to far, they in themselves can become a catalyst for national collapse as in the arab spring.

Re:Pot meet Kettle

[BlueStrat]

I think you're right, but I think it's a similar situation across the globe - realistically spy agencies in Russia, China and so forth shouldn't be doing those things to innocent citizens either so I don't think it's entirely a Western problem.

Well, it's the same problem in Western nations and Russia, China, etc. Government gaining too much power and control. The only difference being that Russia, China, etc are just further down the same road. We here in Western nations can realistically only affect change in our own nations.

Because our nations are already heading down the total-surveillance road, we can only offer minimal support to those in Russia, China, etc attempting to change things in those nations. We in the West, in order to be able to offer real assistance to the people of those nations, must first get a handle on our own governments, as our governments are our people's main instrument in dealing in foreign affairs. The clock is ticking, as history shows us that once freedom is lost it is highly unlikely to be regained until multiple generations have passed, that is if it is regained at all, which is not assured and becomes less and less likely as time passes.

Strat

Re:Two questions

[The-Ixian]

Cellebrite was the company that "resolved" the issue for the FBI when they wanted access to a locked iPhone and Apple wouldn't help them by circumventing their own software.

So, enter Cellebrite and their cracking software to the rescue. The FBI then withdrew their request to Apple.

The whole thing was covered ad nauseam and, in my opinion, was largely a publicity stunt by Apple to showcase how secure their device is.

What in the world Batman?

Israeli forensics software company owned by a Japanese console game development company? What kind of weird crap is that?

Now what?

They get the data and see the applications and attack vectors. Unless they provide software to counter this stuff there is nothing useful here.

Re:Now what?

[MrL0G1C]

Except that Google, Apple, MS et al might have to fix the vulnerabilities if this info is released which it probably will be.

Re:Seriously?

[taustin]

They don't necessarily. They only have to put their database server on a network that's connected to the internet, and lose control of something else on the network. That's why computers than handle classified information cannot be connected to a network that is capable, at the hardware level, of connecting to the internet. If the wiring's there, it's not secure.

Re: Two questions

No, it was a publicity stunt by the FBI to hide the fact that they have had the ability to get into people's iPhones all along.

Re: Two questions

[cfalcon]

I think it was a political stunt to try to soft-ban encryption solutions, by overtly forcing a very prominent privacy oriented company into unlocking their own crypto by pushing in a backdoored update. The end result would be that any company that didn't have a backdoor ready to go for any device or OS that it touched would look like it was standing in opposition to law enforcement, and that this would be considered a legal risk, and therefore, no one would continue making encryption easier and/or more reliable.

Re:Two questions

"a publicity stunt by Apple to showcase how secure their device is"
If they were trying to showcase their security they failed in spectacular fashion. Apples refusal to obey a court order was nothing more than a marketing ploy aimed at convincing the proles that they actually give a shit about privacy.

And going after or harassing an Israeli company is really not the smartest thing to do if you don't want to spend an inordinate amount of time trying to hide from their reprisal if they deem the offense against them requires a response. Israel is the only country on the planet who never asks for permission before they kick the shit out of whoever happens to be threatening them. They don't really give a shit about any political fallout either since they produce some of the best military technology on the planet and all the main foreign powers line up to buy it. US drone technology was built upon on Israeli technology. Israel provides the most advanced short range, mid-range, and ballistic anti-missile technology testing grounds. Any US funding given to Israel in this area is to guarantee access and allows Raytheon and other US military technology firms to partner with the Israeli firms.

Re:Seriously?

[postbigbang]

Everyone thinks they're immune, even when they use crypto. Then people leave the certs laying around in someone's browser cache, and it's all plain text again.

No one is immune, not me, not you. Rename your dbs to .mp4. Do weird things, low-hanging-fruit things. People stoked up on coffee just swear and move on. Their parsers fail, and their attention span gets wiped.

Don't believe me? Go to CCC and see how many people are wired.

Re:Historic Quote

[GLMDesigns]

Funny how you latch on to locker room talk and think it represents a person you don't like but ignore statements like:

"he's clean and articulate" by politicians you do like.

Re:Two questions

Better than Apple being an authoritarian cock sucking bootlicker like you.

Re:Seriously?

[zlives]

is this because a breach has no consequnce?

i am sure there is atleast one example out there that showed some real consequences of a breach?!! (real==money)

Re:Seriously?

[SeaFox]

Because security has no ROI...

You forgot the "until customers start going to your competitors because of your shitty security" part.
You can ask any cloud service provider about that.

Re: Two questions

The only reason they have been able to become a high tech and military industry powerhouse is thanks to the endless supply of money that keeps flowing in from the US. There are universities, tech, and medical campuses in Israel that are funded solely by US 'donations.' The entire country functions on favors and shady backroom deals. It is basically a nation equivalent of Hollywood.

Help is on its way

[troll+-1]

Does Giuliani know about this?

Re:Good

[grep+-v+'.*'+*]

Bad people suck.

Good people swallow.

Sorry?? I thought good people just got screwed. I didn't realize they were actively involved in the process.

Re: Two questions

[cavreader]

Almost all of the money the US has given to Israel over the years could only be used to purchase US military tech. The most recent deal with them is the first time they are allowed to spend a higher percentage on non-US weapons.
"The entire country functions on favors and shady backroom deals"
Can you name one other country on the planet who doesn't do the same thing?

Re: Two questions

[athmanb]

Israel's budget is $70b, and they receive $3b in direct government aid from the US. That creates a whole bunch of weird incentives that pop up when a large amount of the money you spend doesn't come out of your own pocket. And I doubt that since the end of the Soviet Union, there is any other country that finances 5% of its operation through foreign aid. Even Venezuela currently only gets less than $100m a year total, and the Chinese probably aren't spending a lot of money on North Korea either although it's of course impossible to get real numbers there.

Re:Seriously?

[RuffMasterD]

Consequences only appear after a breach happens, and nobody thinks a breach will ever happen to them. That only happens to incompetent companies. Anyway, if you prevent a breach from happening, then no breach ever occurs, and the cost of preventing such a breach was money wasted as far as management cares. Better spend that money on bonuses. You do want a bonus this year, don't you?