Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Cellebrite iPhone hacking tools selling on eBay for as little as $100

Image Credit: AFP/Getty Images

Last updated

Meant to be used only by law enforcement, Cellebrite hacking tools for iPhones and other smartphones are reportedly selling on eBay for sums as low as $100.

The most expensive the used hardware gets is $1,000, Forbes said on Thursday. Cellebrite sells new systems for $6,000 or higher.

The forensic data firm is sending letters to clients warning them against reselling its hacking tools, given the potential for illegally breaking into private data. Nominally the equipment is expected to be sent back to Cellebrite — serious concerns have been raised given that people within or connected to police agencies are not only putting the tools in the hands of unknown persons, but potentially leaking case data if it hasn't been wiped.

One security researcher, Matthew Hickey, recently bought a dozen such units and discovered data on what devices were searched and when, and the forms of data that were extracted. That includes IMEI numbers, which could be used to track down an individual phone.

The devices could even contain chats and contact lists, Hickey said, though he chose not to explore that material.

Still more worrisome is the possibility that Cellebrite's tools could map out vulnerabilities it hasn't shared with Apple and other vendors. Apple tends to close exploits used by forensics firms as soon as it discovers them, since they could just as well be used illegally.

Cellebrite is famously believed to be the third party the FBI turned to crack the iPhone 5c of San Bernardino killer Syed Rizwan Farook. The FBI and Department of Justice had been insisting that they needed Apple to code a backdoor, but were met with active opposition by CEO Tim Cook and others, who argued that the company would have to fundamentally compromise the security of iOS — precisely because backdoors could be leaked or shared by government agencies, or else discovered independently.

Various U.S. officials have complained that Apple's insistence on end-to-end messaging encryption and full-disk encryption for devices is causing its products to "go dark" to law enforcement and spy agencies. The battle has in fact gone global, with the "Five Eyes" intelligence network — including Australia, Canada, New Zealand, the U.K. and the U.S. — claiming that "privacy is not an absolute," and hoping for legislation that can bypass encryption, despite complaints from tech companies, privacy advocates, and the public.



22 Comments

wonkothesane 1738 comments · 12 Years

Good night and sleep tight. Your government will make sure that the hacker tools they employ will never get into the wrong hands. 

https://www.featuredcustomers.com/vendor/cellebrite/customers

AppleExposed 1805 comments · 6 Years

Isn't it only successful for iOS 10 and earlier?

lkrupp 10521 comments · 19 Years

This sounds like these tools don’t really work very well. Why would a $6000 piece of equipment being going for $1000 or lower on eBay? You would think these tools would command a king’s ransom on the open market and that hackers would be trying to outbid each other. The whole thing sounds fishy. But more than that it completely squashes the government’s claim that any backdoor or master key manufacturers would provide could be kept secure. 

macplusplus 2116 comments · 9 Years

Do not hold your breath. I saw one in use in an Apple Store to transfer the customer's Android phone data to the iPhone.