iPhone hacking firm updates digital forensics tool after Apple refuses FBI request to unlock phones
- The tool provides access to chips running on iPhones released between 2011 and 2017
Digital forensics firm Cellebrite released a new tool that could be used to access data on the iPhones at the heart of the latest spat between Apple and the FBI.
The company pushed out an update to its UFED Physical Analyser software that helps law enforcement agencies and other customers extract and analyse information on some iPhones.
“For the first time ever, a wealth of previously untapped data sets from iOS devices can be leveraged to change the course of investigations,” Shahar Tal, a security research vice-president at Cellebrite, wrote in an email to customers on Tuesday. “This update allows you to quickly perform a forensically sound temporary jailbreak and full file system extraction within one streamlined workflow.”
The tool uses an exploit called Checkm8 that allows access to chips running on iPhones released between 2011 and 2017. Cellebrite, owned by Japan’s Sun Corp, said its latest version of the tool works with the iPhone 5s, first sold in 2013, through the iPhone X, sold in 2017.
This could help investigators analyse at least one of the iPhones that belonged to Mohammed Saeed Alshamrani, the perpetrator of a December 6 terrorist attack at a Navy base in Florida. Alshamrani died and his iPhone 5 and iPhone 7 were locked, leaving the FBI looking for ways to hack into the devices.
The FBI has been pressing Apple to help it break into the terrorist’s iPhones, but the government can hack into the devices without the technology giant, experts in cybersecurity and digital forensics said on Tuesday.
Tools from Cellebrite and other digital forensics firms that incorporate the Checkm8 vulnerability may be especially helpful to the FBI.
“This Cellebrite tool would let the government get a whole lot of information out of the phone, more than we’ve previously been able to extract,” said Neil Broom, who works with law enforcement agencies to unlock devices.
The Cellebrite tool costs about US$15,000, plus an annual maintenance fee of more than US$4,000, according to Broom. Before it can be used, a customer would need another Cellebrite tool for actually unlocking the phone, which could cost between US$100,000 and US$150,000, Broom added.