Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
This file photo shows an anti-government protester holding his iPhone with a sign “No Entry” during a demonstration near the Apple Store on Fifth Avenue in New York. Photo: Agence France-Presse

iPhone hacking firm updates digital forensics tool after Apple refuses FBI request to unlock phones

  • The tool provides access to chips running on iPhones released between 2011 and 2017

Digital forensics firm Cellebrite released a new tool that could be used to access data on the iPhones at the heart of the latest spat between Apple and the FBI.

The company pushed out an update to its UFED Physical Analyser software that helps law enforcement agencies and other customers extract and analyse information on some iPhones.

“For the first time ever, a wealth of previously untapped data sets from iOS devices can be leveraged to change the course of investigations,” Shahar Tal, a security research vice-president at Cellebrite, wrote in an email to customers on Tuesday. “This update allows you to quickly perform a forensically sound temporary jailbreak and full file system extraction within one streamlined workflow.”

The tool uses an exploit called Checkm8 that allows access to chips running on iPhones released between 2011 and 2017. Cellebrite, owned by Japan’s Sun Corp, said its latest version of the tool works with the iPhone 5s, first sold in 2013, through the iPhone X, sold in 2017.

This could help investigators analyse at least one of the iPhones that belonged to Mohammed Saeed Alshamrani, the perpetrator of a December 6 terrorist attack at a Navy base in Florida. Alshamrani died and his iPhone 5 and iPhone 7 were locked, leaving the FBI looking for ways to hack into the devices.

Apple refuses US government request to unlock gunman’s iPhones

The FBI has been pressing Apple to help it break into the terrorist’s iPhones, but the government can hack into the devices without the technology giant, experts in cybersecurity and digital forensics said on Tuesday.

Tools from Cellebrite and other digital forensics firms that incorporate the Checkm8 vulnerability may be especially helpful to the FBI.

“This Cellebrite tool would let the government get a whole lot of information out of the phone, more than we’ve previously been able to extract,” said Neil Broom, who works with law enforcement agencies to unlock devices.

The Cellebrite tool costs about US$15,000, plus an annual maintenance fee of more than US$4,000, according to Broom. Before it can be used, a customer would need another Cellebrite tool for actually unlocking the phone, which could cost between US$100,000 and US$150,000, Broom added.

Purchase the China AI Report 2020 brought to you by SCMP Research and enjoy a 20% discount (original price US$400). This 60-page all new intelligence report gives you first-hand insights and analysis into the latest industry developments and intelligence about China AI. Get exclusive access to our webinars for continuous learning, and interact with China AI executives in live Q&A. Offer valid until 31 March 2020.