Cellebrite’s high-tech hacking tools used by police are super-easy to hack

You might have heard of Israel-based hackers-for-hire Cellebrite, who create smartphone hacking tools that then get used by law enforcement and government agencies worldwide, as well as repressive regimes and other unsavory characters.

Well, it seems that their “security products” have no real security themselves, as outlined in a scathing blog post by Signal’s founder, Moxie Marlinspike.

Signal got hold of a Cellebrite UFED device, and their analysis showed some serious security issues, where “industry-standard exploit mitigation defenses [are] missing,” with multiple opportunities to exploit the device.

You can see some of those hacks in action below, with Signal making the UFED device display a benign message from the 90s movie Hackers as a proof of concept. In reality, the vulnerability that led to that message could let any payload run on the UFED, potentially corrupting every scan that device had in memory from other smartphones, or even planting faked evidence.

Because the vulnerability only requires the UFED to read a file on the phone being scanned, anyone with the technical know-how could keep a self-destruct file on their device in case it ever ends up in the hands of Cellebrite or any organization/agency that uses their services.

That could go even further, as Phobos Group founder Dan Tentler says this method could be used to infect a government agency, by baiting them into “reading a phone loaded with the exploit.” The exploit would then be transferred to a networked computer used to read the files the Cellebrite device pulled off the phone. Yikes.

