Technology
You can buy used Cellebrite iPhone hacking tools for cheap on eBay
Disclosure
Every product here is independently selected by Mashable journalists. If you buy something featured, we may earn an affiliate commission which helps support our work.
Hacking a smartphone just got a whole lot cheaper.
A tool once favored by law enforcement for pulling data off locked phones is now available to the general public. We can’t imagine the Israel-based company behind the Cellebrite hacking device is all that pleased with its newly expanded customer base, but here we are. There’s not much it can do about it at the moment, as the sales are taking place on eBay — where a quick search shows numerous used models listed for prices as low as $50.
According to Forbes, which first reported the news, a brand new Cellebrite device will set law enforcement back around $6,000. Things are quite a bit cheaper on the online auction site, where one seller has what appear to be 10 used models for sale ranging in price between $50 to $70.
That’s quite the discount.
Notably, Cellebrite appears to be extremely displeased with the resale of its phone-cracking tech. Matthew Hickey, a security researcher and co-founder of Hacker House, purchased a Cellebrite UFED-36 mode off eBay, and proceeded to tweet an analysis and breakdown of the device.
Cellebrite UFED-36 model innards, FPGA, Intel Xscale processor, WinCE 5.0. trying to dump the flash ROM without removing the BGA chips (I’ll destroy the board in the process). There is a debugger header with a mix of 5V and 3V signal logic. I want to install Linux on it. pic.twitter.com/6QpE88nvZA
— Hacker Fantastic (@hackerfantastic) February 27, 2019
Shortly thereafter, Hickey tweeted what looks to be a statement from Cellebrite admonishing resellers.
“As a part of Cellebrite’s inventory control process we need to ensure that our products are only used by the original owner,” reads the statement. “As a reminder, selling or distributing any of your Cellebrite equipment to other organizations is not permitted without written approval from Cellebrite.”
wipe/destroy your forensics devices or return them to the vendor on decommission or you’ll leak sensitive data to unauthorized 3rd parties. pic.twitter.com/T1zIfrggEc
— Hacker Fantastic (@hackerfantastic) February 27, 2019
We reached out to the company to confirm that the message is in fact authentic, but did not receive a response as of press time. If it is legit, however, the statement makes clear that the stakes are higher than just Cellebrite’s profit margins.
“Since it may be possible for these devices (including old devices such as the discontinued Touch) to access private information,” the statement warns, “we ask that you treat any Cellebrite equipment within your organization with the highest degree of security.”
In other words, the old models may still be able to gain access to smartphones. And that’s not all, Hickey told Forbes that he was able to view some usage history — like when the Cellebrite was used, what types of phones were searched, and what kind of data was pulled off those phones — on the device he purchased.
Essentially, these smartphone hacking tools — possibly used by law enforcement agencies — appear to not have been wiped before resale.
And now all that data, and the means to get more, can belong to a hacker for the low low price of $100 or less.
-
Entertainment6 days ago
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
-
Entertainment6 days ago
Mars is littered with junk. Historians want to save it.
-
Entertainment7 days ago
CES 2025 preview: What to expect
-
Entertainment5 days ago
Should you buy the 2024 Kindle Paperwhite Signature Edition?
-
Entertainment4 days ago
Beyoncé’s Christmas halftime show on Netflix: What to know about the NFL event
-
Entertainment4 days ago
2024: A year of digital organizing from Palestine to X
-
Entertainment3 days ago
Greatest films by women creators on Netflix
-
Entertainment6 days ago
Review: Is the $499 Bose Smart Soundbar worth it?