Technology
You can buy used Cellebrite iPhone hacking tools for cheap on eBay
Disclosure
Every product here is independently selected by Mashable journalists. If you buy something featured, we may earn an affiliate commission which helps support our work.
Hacking a smartphone just got a whole lot cheaper.
A tool once favored by law enforcement for pulling data off locked phones is now available to the general public. We can’t imagine the Israel-based company behind the Cellebrite hacking device is all that pleased with its newly expanded customer base, but here we are. There’s not much it can do about it at the moment, as the sales are taking place on eBay — where a quick search shows numerous used models listed for prices as low as $50.
According to Forbes, which first reported the news, a brand new Cellebrite device will set law enforcement back around $6,000. Things are quite a bit cheaper on the online auction site, where one seller has what appear to be 10 used models for sale ranging in price between $50 to $70.
That’s quite the discount.
Notably, Cellebrite appears to be extremely displeased with the resale of its phone-cracking tech. Matthew Hickey, a security researcher and co-founder of Hacker House, purchased a Cellebrite UFED-36 mode off eBay, and proceeded to tweet an analysis and breakdown of the device.
Cellebrite UFED-36 model innards, FPGA, Intel Xscale processor, WinCE 5.0. trying to dump the flash ROM without removing the BGA chips (I’ll destroy the board in the process). There is a debugger header with a mix of 5V and 3V signal logic. I want to install Linux on it. pic.twitter.com/6QpE88nvZA
— Hacker Fantastic (@hackerfantastic) February 27, 2019
Shortly thereafter, Hickey tweeted what looks to be a statement from Cellebrite admonishing resellers.
“As a part of Cellebrite’s inventory control process we need to ensure that our products are only used by the original owner,” reads the statement. “As a reminder, selling or distributing any of your Cellebrite equipment to other organizations is not permitted without written approval from Cellebrite.”
wipe/destroy your forensics devices or return them to the vendor on decommission or you’ll leak sensitive data to unauthorized 3rd parties. pic.twitter.com/T1zIfrggEc
— Hacker Fantastic (@hackerfantastic) February 27, 2019
We reached out to the company to confirm that the message is in fact authentic, but did not receive a response as of press time. If it is legit, however, the statement makes clear that the stakes are higher than just Cellebrite’s profit margins.
“Since it may be possible for these devices (including old devices such as the discontinued Touch) to access private information,” the statement warns, “we ask that you treat any Cellebrite equipment within your organization with the highest degree of security.”
In other words, the old models may still be able to gain access to smartphones. And that’s not all, Hickey told Forbes that he was able to view some usage history — like when the Cellebrite was used, what types of phones were searched, and what kind of data was pulled off those phones — on the device he purchased.
Essentially, these smartphone hacking tools — possibly used by law enforcement agencies — appear to not have been wiped before resale.
And now all that data, and the means to get more, can belong to a hacker for the low low price of $100 or less.
-
Entertainment7 days ago
How to watch the 2024-2025 NBA season without cable: The greatest streaming deals
-
Entertainment6 days ago
‘Here’ review: Robert Zemeckis, Tom Hanks, and Robin Wright reunite
-
Entertainment6 days ago
Election 2024: The truth about voting machine security
-
Entertainment5 days ago
Teen AI companion: How to keep your child safe
-
Entertainment5 days ago
‘Wallace and Gromit: Vengeance Most Fowl’ review: A delightful romp with an anti-AI streak
-
Entertainment4 days ago
‘Dragon Age: The Veilguard’ review: BioWare made a good game again
-
Entertainment3 days ago
‘Only Murders in the Building’ Season 4 ending explained: Who killed Sazz and why?
-
Entertainment4 days ago
Polling 101: Weighting, probability panels, recall votes, and reaching people by mail