Cellebrite's phone hacking tools going cheaply on eBay, many still contain unwiped data
The company warns against reselling the unitsBy Rob Thubron
In brief: Ever since it was rumored to have helped access the San Bernardino iPhone, Israeli mobile forensics firm Cellebrite has become law enforcement's company of choice for phone cracking tools. Worryingly, these same devices have been discovered on eBay for as little as $100.
First reported by Forbes, eBay sellers are now offering Cellebrite tools for between $100 and $1000, with one person auctioning off ten used pieces of Cellebrite equipment for between $50 and the current top bid of $127. The company sells comparable new products for a starting price of $6000.
Security researcher Matthew Hickey bought a dozen Cellebrite UFED phone hacking units and discovered they still contained information taken from the devices they searched, which includes iPhones and handsets from Samsung, LG, ZTE, and Motorola. Among the unwiped data was IMEI numbers, what appear to be Wi-Fi passwords, and possibly chat and contact details.
Cellebrite UFED classic exploits & functions - I got this gem at an auction - has SIM card cloning features (elite) pic.twitter.com/xmLCgVO7iG--- Hacker Fantastic (@hackerfantastic) 11 February 2019
Hickey, who was able to find out the admin account passwords for the devices, also believes the tools may contain software vulnerabilities that Cellebrite keeps secret from the likes of Apple and other smartphone manufacturers.
It's believed that the units are appearing on eBay following the release of newer models with updated software.
"You'd think a forensics device used by law enforcement would be wiped before resale. The sheer volume of these units appearing online is indicative that some may not be renewing Cellebrite and disposing of the units elsewhere," Hickey told Forbes.
Unsurprisingly, Cellebrite isn't happy about this and has warned customers against reselling its equipment.
"As a part of Cellebrite's inventory control process we need to ensure that our products are only used by the original owner," the company said, in a statement. "As a reminder, selling or distributing any of your Cellebrite equipment to other organizations is not permitted without written approval from Cellebrite."
wipe/destroy your forensics devices or return them to the vendor on decommission or you'll leak sensitive data to unauthorized 3rd parties. pic.twitter.com/T1zIfrggEc--- Hacker Fantastic (@hackerfantastic) 27 February 2019
Cellebrite is widely believed to be the firm that helped crack the iPhone 5c owned by Syed Rizwan Farook, one of the shooters from the 2015 San Bernardino terrorist attack. The FBI is thought to have paid $900,000 for its aid. The company still provides password cracking tools and services to law enforcement agencies.