NYC Law Enforcement Has Been Cracking Locked iPhones for Almost 2 Years

Using a screen lock on your smartphone will keep most prying eyes away from your personal data, but law enforcement is not so easily deterred. Police have access to tools and services that can crack phones, and we might not even know what capabilities they have until years later. Israeli forensics firm Cellebrite announced its new in-house phone cracking tool earlier this year, but a new report suggests law enforcement has had access to it since early 2018.

Cellebrite offers numerous services to law enforcement, all aimed at collecting digital evidence from seized devices. This has become big business ever since Apple and Google made encryption the default on their mobile platforms. Companies like Cellebrite search for or purchase undisclosed vulnerabilities and use those to build custom phone cracking tools.

Cellebrite announced its new Universal Forensic Extraction Device (UFED) Premium service in June 2019. With UFED Premium, police can unlock almost all iPhones and most Android phones in-house. With other services, law enforcement often has to send phones out to a forensic laboratory to have them unlocked. That adds a lot of red tape and slows down the investigation.

According to a new report, the Manhattan District Attorney’s office had access to UFED Premium long before the official announcement, as early as January 2018. This claim comes from a leaked contract with the Manhattan DA, one of the most influential prosecution offices in the country. The office reportedly paid $200,000 for the UFED Premium license, training, and a set number of in-house phone unlocks. There were also additional service add-ons totaling about $1 million. The contract also requires the DA to set up a secure room to house the software with no recording devices allowed.

Cellebrite always refuses to comment on its business or who uses its products, so we’re left to speculate about how this arrangement happened in secret. It’s possible Cellebrite had UFED Premium ready years ago but delayed making a public announcement so big customers like the Manhattan DA could make full use of the product. As soon as Cellebrite announced the in-house cracking capability, the security community set to work figuring out how it worked. Eventually, the company may need to devise a new approach as vendors issue patches to block the UFED Premium tools.

Currently, Cellebrite advertises UFED Premium as being able to unlock all iPhones as well as many high-end Android phones like those made by Samsung and Huawei. Presumably, that means even the latest iOS 13 is vulnerable.
