March 1, 2019 at
What would you say if I told you that you can access anyone’s phone without their password? Well, you can!
The Cellebrite Universal Forensic Extraction Device (UFED) is now on eBay. The device is surprisingly selling for $100, a less-costly price as compared to the original which sells for $6000. The iPhone-hacking tool is used by law reinforcement authorities such as the FBI to hack into Google devices and Apple devices as well to find data. It bypasses all passwords to get even data which has been deleted from phones.
Cellebrite UFED was created by an Israeli Company which gained popularity last year. The FBI spent $900,000 to crack iPhones. The company is also known for its refusal to give away faults or weaknesses about the iPhone products which makes it easy for them to hack. Speaking to Forbes, the company claimed that the failure to disclose the information gives them a competitive advantage.
The fact that this hacking device can land on the hands of anyone comes with consequences. Earlier this month, a cybersecurity researcher, Hickey, decided to purchase a few of this Cellebrite UFED. He discovered that these second-hand kits contain different kinds of critical data. Such data include mobile identifier numbers as well as different kinds of data previously deleted.
This top-notch device seemingly does not require technical know-how but is, in fact, easy to use as seen on Hickey’s tweet.
Cellebrite finds the resale of this product a direct violation of the buying terms and conditions. In addition, an earlier interview with Forbes expressed their responsibility to serve public safety. Cellebrite, therefore, released a letter to Forbes on Tuesday, warning customers against the popular resell of this product.
The company expects units to be returned to the company once the buyer is done and not to be resold. This is to enable the company to re-commission them properly, wiping away any data from them.
There is a possibility that valuable data might have leaked as a result of this resell.
In addition, the product may expose the software vulnerability which the company has been trying to hide all along. The company has become so good at it, that they were able to find flaws in the iOS, and have been able to crack the passwords of even the iPhone X. However, the company is now vulnerable as the exploits were to be a secret, in order to prevent Apple from locking police out from accessing iPhones.
Whereas this hacking device is on the market, the consequences of it might be a matter of life and death. The device may include critical case data that should otherwise not be exposed. For just $100, the security of people’s data could be at stake.