Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

FBI reportedly paid less than $1M for San Bernardino iPhone exploit

Last updated

A report on Thursday claims the U.S. Federal Bureau of investigation spent less than $1 million on an exploit used to access an iPhone tied to last year's San Bernardino terror attack, far below a previously estimated sum of more than $1.3 million.

Citing government sources familiar with the matter, Reuters reports the one-time payment came in exchange for a zero-day vulnerability capable of bypassing the passcode lock on a target iPhone 5c running iOS 9. The device was used by San Bernardino terror suspect Syed Rizwan Farook, and sat centerstage in a contentious court battle between the FBI and Apple.

Previous estimates put the purchase at more than $1.3 million based on a quote from FBI Director James Comey. Last week, Comey said his agency paid an outside group "more than I will make in the remainder of this job" for access to the exploit, prompting media outlets to calculate the director's remaining tenure and current salary.

Officials have not identified the contractor, and media reports read like speculation. Depending on the source, the party is either established security firm Cellebrite or a clandestine cadre of gray-hat hackers.

Sources told Reuters that even Comey doesn't know who his agency contracted for the job.

The third party's identity, and its workaround, will likely remain secret. The FBI this week said it will not submit the vulnerability for review under the Vulnerabilities Equities Process, a system designed to determine whether or not discovered digital vulnerabilities should be disclosed to private manufacturers. The agency claims it cannot provide technical details on the matter because legal rights to those techniques are still owned by the contractor.

For its part, Apple said it has no intention of filing suit against the government to force the hack's disclosure as the exploit likely has a short shelf life.



13 Comments

buckalec 15 Years · 204 comments

No tax on that special service I guess. 3 arrests today, kids would have more maturity.

phone-ui-guy 19 Years · 1018 comments

So Comey cannot do simple math either... Shocker!

2 Likes · 0 Dislikes
cpsro 15 Years · 3251 comments

It sounded like a good deal, until shipping and handling was added.

1 Like · 0 Dislikes
quinney 19 Years · 2527 comments

Sources told Reuters that even Comey doesn't know who his agency contracted for the job. Yet somehow they were able to pay them a lot of money.

1 Like · 0 Dislikes
Rayz2016 9 Years · 6957 comments

Since there was nothing on the phone, and everyone else except the FBI knew there was nothing on the phone, then $1 was too much to pay for the hack.

4 Likes · 0 Dislikes