Reading Time: 3 minutes
Hackers Steal 900 GB of Cellebrite Data Stolen. Cellebrite is one of the most popular companies in the mobile phone hacking industry.
According to Motherboard, 900GB of stolen data comprises customer information, databases, and a vast amount of technical data regarding Cellebrite’s products.
The latest breach is another addition to the growing trend of hackers taking matters in their own hands to steal information from companies specialised in surveillance or hacking technologies.
Cellebrite, an Israeli company, specializes in the production of laptop-sized devices called Universal Forensic Extraction Device (UFED). The device helps to capture data from thousands of different models of mobile phones. Its capabilities allow it to extract data such as SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone.
Cellebrite’s client’s list includes US federal and state law enforcement. While the hacked data reveals it’s being used by authoritarian regimes in Russia, the United Arab Emirates, and Turkey.
The hacker managed to hack partial data from servers related to Cellebrite’s website. According to Motherboard, the stolen data includes usernames and passwords for logging into Cellebrite databases connected to the company’s my.cellebrite domain. These details are used by customers to gain access to new software versions available on a section of the site. Apart from this the data also contains evidence files from seized mobile phones and logs from Cellebrite devices.
The timestamps on some of the files with the hacker reveal the data may have been pulled from Cellebrite servers last year.
Earlier on Thursday after Motherboard informed it of the breach, the company said, “Cellebrite recently experienced unauthorized access to an external web server. The company is conducting an investigation to determine the extent of the breach. The impacted server included a legacy database backup of my.Cellebrite, the company’s end-user license management system. The company had previously migrated to a new user accounts system. Presently, it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system,”
The company has advised its customers to change passwords, as it continues to assist relevant authorities in their investigation. The hacker claims to have traded among a select few in IRC chat rooms. He clearly showed disrespect towards the recent changes in surveillance legislation.
This is not the first time the hacker, dubbed “PhineasFisher”, earlier in 2014 publicly released 40GB of data from surveillance company Gamma International. Later in 2015, the hacker managed to breach into Hacking Team an Italian company and published a trove of emails and other internal documents from the company.
While in the case of Callibrite, the hacker has not dumped the files online for anyone to download. Though there are similarities especially considering the hacker’s vigilante motivation.
The hacker told Motherboard, “I can’t say too much about what has been done. It’s one thing to slap them, it’s a very different thing to take pictures of [their] balls hanging out.”
Surveillance State – Australian police Get New Hacking Powers
Microsoft Exchange – ProxyShell Flaw Exploited, Over 1900 Servers Hacked!
SynAck ransomware decryptor allows victims to recover files for free