
Cellebrite, Israeli developer of smartphone hacking software, hacked


Lior Ben-Peretz (Leeor Ben-Peretz), executive vice president of Cellebrite. Photo: Jack Guez / AFP / Getty Images

Hackers have been hacked again. Such is the fate of companies that cooperate with law enforcement and intelligence agencies. If you cross to the other side of the barricades, get ready for the worst.

We remember the public harassment of Hacking Team, the hacker group that specializes in developing and selling spyware to law enforcement agencies and special services of various states. Hacking Team's correspondence with clients, contracts for the sale of cyber-products to various states, and a large amount of other information leaked onto the internet. In 2014, hackers also breached Gamma International, the developer of the FinFisher spyware.

Now a similar misfortune has befallen their colleagues at Cellebrite, a company that develops software for forensic examination (hacking) of mobile phones. The Israeli company did not shy away from cooperating with authoritarian political regimes, for which it was punished.

Cellebrite's main product is the Universal Forensic Extraction Device (UFED), a software and hardware system for hacking and copying data from any mobile phone. It is sold in tablet format (UFED Touch2), or as software installed on a personal computer (UFED 4PC).


UFED version for field operations (UFED TK)

For comparison, ElcomSoft, a Russian developer of password brute-forcing and forensic software, offers the ElcomSoft Password Recovery Bundle (RUR 85,5995) and the Elcomsoft Mobile Forensic Bundle mobile phone hacking kit, a purely software solution. The Israeli colleagues have a more attractive product range, although in terms of functionality they do not necessarily surpass the Russian one.

Three weeks ago the IT publication Motherboard published a series of articles on Cellebrite's activities. It found that American police were cooperating with the firm. The police placed orders with it worth millions of dollars, buying special equipment and programs for hacking phones. With their help, "cops" guessed PIN codes and restored deleted messages and contacts on phones.



Typically, such tools are used to collect evidence after a mobile phone has been confiscated from a suspect. But it turned out that Cellebrite is cooperating with non-democratic countries, where the authorities use hacking tools against the political opposition.

The reports also said that Cellebrite tools are regularly used by FBI agents to quickly and covertly copy the memory of suspects' phones.

Founded in 1999, the company has since grown large. It is controlled by a Japanese investor, has offices all over the United States, and counts law enforcement agencies in many countries among its clients.

Now the developer of hacking tools has itself been hacked. In another article, Motherboard writes that it has obtained an archive of 900 GB of files taken from Cellebrite servers.

So far, the information has not been published in the public domain, but it can be expected that sooner or later this will happen, as it did with Hacking Team. Then we will see how honest Cellebrite's business is.

The seized files include customer lists, databases, and a large amount of technical information about Cellebrite products. An initial analysis of Cellebrite customer data shows that its customers may include law enforcement agencies from authoritarian countries such as Russia, the UAE, and Turkey. In particular, a letter from the Prosecutor’s Office of the Russian Federation was found in the Cellebrite technical support service.

If the information is confirmed, this suggests that Cellebrite contributed to human rights violations in these countries, for the sake of profit. This data may be true. By the way, Cellebrite even has a Russian version of its site.

Among the data is a web server cache with the usernames and passwords of users who logged into the my.cellebrite domain. This section of the site is intended only for the company's customers.

After the Motherboard articles were published, Cellebrite officially acknowledged that an “external web server” holding a backup database of my.cellebrite.om accounts had been hacked. An investigation into the matter is underway.

The company assures customers that there is nothing particularly confidential in the leaked data, only password hashes of users who have not yet migrated to the new user account system.

Meanwhile, Cellebrite accounts have begun to be traded in some IRC chat rooms, the hacker said in a comment to Motherboard. “I cannot say much about what has been done. It’s one thing to scare them, but it’s quite another to hang them by the balls and take pictures,” he added.

Definitely, software developers should carefully select customers.

Source: https://habr.com/ru/post/400745/

