Unidentified Hacker Breached Cellebrite’s Servers, Ironically Stole and Made Public Company’s iOS Hacking Tools
Noting the importance of being able to demonstrate how iPhone hacking tools (if they exist) will eventually make their way into the wild, an unidentified hacker recently released to the public a large cache of files that were allegedly stolen from the Israeli firm Cellebrite, according to a report published by Motherboard.
Cellebrite is the mobile data extraction firm that found itself caught up in the mire of last year’s major FBI investigation, which involved the unlocking of an iPhone 5c that belonged to Syed Rizwan Farook, the gunman responsible for carrying out the late-2015 mass shooting in San Bernardino, California. After a long and contentious battle over privacy, and after Apple outright refused to assist in unlocking the device, the FBI ultimately paid Cellebrite a considerable amount of money for the tools necessary to get into Farook’s iPhone, on which no data of value was ultimately discovered.
The stolen data in this instance, which was allegedly uploaded to the file-sharing site Pastebin, contained files pertaining to Android, Blackberry, and some “older iPhones.” While Cellebrite specializes in creating mobile data extraction tools for all devices, it appears that newer, more advanced techniques employed to access “newer iPhones” — whichever models fall into that category — were not included in the document dump.
“The debate around backdoors is not going to go away,” the hacker allegedly told Motherboard via an online chatroom. “Rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society. And it’s important to demonstrate that when you create these tools, they will make it out. History should make that clear.”
According to Motherboard, this isn’t even the first time the same hacker has managed to get his hands on Cellebrite’s data. Back in January, it was reported that approximately 900 GB of sensitive data was stolen. Although a Cellebrite spokesperson claimed that only its customers’ “basic contact information” had been put at risk due to the breach, it was later confirmed that the nearly 1 terabyte haul in fact contained a swath of much more sensitive data, including “customer information, databases, and a vast amount of technical data regarding Cellebrite’s products.”
Accompanying this most recent data drop, though, the hacker included a short but poignant READ ME file containing a message just for the FBI — “@FBI Be careful in what you wish for” — and with that, the hacker signed off.