In 2016, the FBI had ordered Apple to crack into an iPhone that was owned by Syed Farook, one of the shooters involved in the 2015 attacks in San Bernardino. Apple refused to help citing a policy on privacy reasons, post which, the FBI then reportedly started working along with an Israeli mobile security firm Cellebrite and managed to get help on cracking the iPhone data. However, Cellebrite, on January 12, 2017, released a statement that they were victims of hacking and their servers were breached by a hacker. The hacker, who goes by the name ‘Backdoorz’, has now openly released some of the information data from the breach as a warning to the FBI. "@FBI Be careful in what you wish for," warned the hacker in a statement to Motherboard.
Motherboard had reported this matter earlier in January and mentioned that the hacker had managed to steal 900GB of data from the servers and the data suggests that Cellibrite had sold the phone-hacking tool to Turkey, UAE and Russia.
The hacker, who preferred to remain anonymous, spoke to Motherboard using online chat, stating, ‘The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society. It's important to demonstrate that when you create these tools, they will make it out. History should make that clear.’
The data that was grabbed from the servers include the codes that are related to the Cellebrite’s Universal Forensic Extraction Device (UFED), which can allegedly crack older iPhones such as the iPhone 5c (used by the shooter), and Android and BlackBerry smartphones too. UFED is the company’s flagship smartphone product and comes in a small package —laptop-sized — which can extract information such as SMS, emails, and a lot more. The phone has to be physically connected to the UFED in order to be cracked open.
Motherboard did an investigation and found that the US state police and highway patrol agencies have spent millions of dollars on the technology.
The hacker claims that the stolen data was encrypted, but he managed to unlock it. The hacker has posted links to the data on Pastebin. The data contains fully functional Python scripts for exploiting the smartphones.
‘Jonathan Zdziarski, a forensic scientist, agreed that some of the iOS files were nearly identical to tools created and used by the jailbreaking community, including patched versions of Apple's firmware designed to break security mechanisms on older iPhones. A number of the configuration files also reference "limera1n," the name of a piece of jailbreaking software created by infamous iPhone hacker Geohot. He said he wouldn't call the released files "exploits" however,’ reported Motherboard.
Celibrite told Motherboard in a statement that the initial data breach contained only the basic contact information of its customers, but Motherboard’s investigation speaks the other way.
In the 2016 Apple-FBI battle, the Department of Justice tried to force Apple into building a custom operating system that would allow forensic investigators to break the iOS security protections. However, the main concern at that time was that if such a tool was built, it could leak out to public, create havoc.
