Firm that unlocked San Bernardino shooter's iPhone for FBI is revealed

By William Gallagher

Even Apple could not find out which firm the FBI used to unlock one of the San Bernardino shooters' iPhones -- but a new report claims to know the secret company that did the work.

Tim Cook had wanted Apple's dispute with the FBI to go to trial

Despite much speculation in 2016 that the FBI hired Cellebrite to unlock the shooter's iPhone 5C, it's only now that the real company has been named. It's an Australian defense contractor called Azimuth Security, now part of L3Harris Technologies.

According to The Washington Post, Azimuth is a "publicity-shy" firm, but it has been known to be involved in producing hacking tools for the US, Canadian, and UK governments. Apple has been suing Azimuth over its selling of virtual iPhones to government agencies attempting to unlock the devices.

Nonetheless, Apple did not determine that it was Azimuth that had aided the FBI. The San Bernardino iPhone it ultimately unlocked became the center of a high-profile dispute between Apple and the FBI.

Prior to the San Bernardino incident, the FBI had been consistently pressing for technology firms to let law enforcement bypass end-to-end encryption. The 2015 shooting, in which 14 people were killed and 22 others seriously injured, was also seen as a way to get public opinion on the FBI's side.

Apple was ordered by a US magistrate judge to comply with the FBI's requests to extract data from one shooter's iPhone. Apple argued that it had already done "everything that's both within our power and within the law to help this case," and refused to create a security backdoor for the authorities.

"As individuals and as a company, we have no tolerance or sympathy for terrorists," Tim Cook told Apple employees in a memo. "When they commit unspeakable acts like the tragic attacks in San Bernardino, we work to help the authorities pursue justice for the victims. And that's exactly what we did."

"Starting with iOS 8, we began encrypting data in a way that not even the iPhone itself can read without the user's passcode, so if it is lost or stolen, our personal data, conversations, financial and health information are far more secure," he continued. "We all know that turning back the clock on that progress would be a terrible idea."

Cook later said that he had wanted the dispute to go to court, but the argument ended with the successfully unlocking.

In suing Corellium, Apple was unknowingly close to learning the name of the firm that helped the FBI. Credit: Corellium

Now it's revealed that two Azimuth hackers approached the FBI with a series of iOS vulnerabilities, or exploits, that in combination allowed them to unlock the iPhone. Reportedly, Azimuth was paid $900,000 for the unlocking, though it led to no actionable intelligence being recovered from the phone.

According to The Washington Post, Apple's subsequent and separate 2019 suing of Corellium could have uncovered that the firm had been behind the unlocking. Corellium co-founder David Wang and Apple's requests for disclosure ought to have revealed the information, but the Department of Justice intervened on national security grounds.

The suit against Corellium concerned the company's creation of virtual iPhones which can then be used in hacking research. Apple's suit was dismissed, although it can yet appeal.

According to The Washington Post, Corellium argues that Apple's legal efforts are an attempt to put the firm out of business. Reportedly, Apple had tried to buy Corellium, and separately it had tried to hire David Wang before he co-founded the company.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.