Cellebrite, the Israeli spy firm who were reportedly used by the FBI to unlock the iPhone of San Bernardino shooter Syed Rizwan Farook has now been hacked and a trove of its data has been stolen. Simply put, hackers have been hacked themselves.
The firm has acknowledged the hack and released a public statement revealing that “Cellebrite recently experienced unauthorized access to an external web server. The impacted server included a legacy database backup of my.Cellebrite, the company’s end user license management system.”
The stolen data includes customer contact information along with hashed passwords of current clients while the total data is about 900GB in size obtained by Vice’s Motherboard from the hacker responsible for this breach.
Cellebrite were alerted to the incident when Motherboard contacted the firm and informed them about the breach after which the company started conducting an investigation to determine the extent of the breach.
When asked about his motivation behind the attack, he cited recent changes in surveillance legislation by Western governments and it is this which forced him to target Cellebrite.
“Cellebrite claims they can crack any smartphone in the world.”
Cellebrite previously hit the news after claiming they can crack any locked smartphone but it denied any role in unlocking the iPhone of Rizwan Farook however, last month leaked documents and images of the firm confirmed their in-house hacking capabilities.
According to Cellebrite website, the company’s powerful Universal Forensic Extraction Device (UFED) solutions deliver the only complete, end-to-end Digital Forensics Platform on the market and has more than 40,000 UFED licenses deployed globally in 100 countries,
This is not the first time when a high-profile hacking firm has been hacked. In 2015, an Italy-based firm known as “Hacking Firm” was hacked after which a trove of its data was leaked on the Internet resulting in the firm’s license being canceled blocking them from selling their malware outside of Europe.
Flickr/IPC