For those unfamiliar, Cellebrite is an Israeli company, which specializes in extracting data from mobile phones for law enforcement agencies. The firm’s main product is called the Universal Forensic Extraction Device (UFED) – a tool designed to extract smartphone data, which is being used extensively by the U.S. and UK police.
— Hacker Fantastic (@hackerfantastic) February 11, 2019 However, Cellebrite is not too happy about the second-hand tools being resold between $100 and $1,000 per unit on eBay. As a result, the Israeli company has issued a warning to customers to return the UFED units to Cellebrite so they can be properly decommissioned, as they could contain data from previous investigations. “Selling or distributing any of your Cellebrite equipment to other organizations is not permitted without written approval from Cellebrite. Since it may be possible for these devices to access private information, we ask that you treat any Cellebrite equipment within your organization with the highest degree of security,” the Israeli company recently informed customers in a mailed notification. Matthew Hickey, a cybersecurity researcher and co-founder of training academy Hacker House, purchased a dozen UFEDs to see what secrets might be left on second-hand units. “You’d think a forensics device used by law enforcement would be wiped before resale. The sheer volume of these units appearing online is indicative that some may not be renewing Cellebrite and disposing of the units elsewhere,” he told Forbes. “Units are intended to be returned to vendor precisely for this reason, people ignoring that risk information on the units being available to third parties.” Hickey discovered that the “secondhand kit contained information on what devices were searched, when they were searched and what kinds of data were removed,” as well as the searched phones’ IMEI (international mobile equipment identity) codes. Also, Wi-Fi passwords were left behind. Apparently, the hacking tools were used to not only break into iPhones but also other smartphones such as Samsung, LG, ZTE, and Motorola. Hickey was able to successfully test the second-hand hacking tools on select iPhone and iPod models. Cellebrite has yet to officially comment on the matter.
