Israeli firm Cellebrite, the popular company that provides digital forensics tools and software to help law enforcement access mobile phones in investigations, has had 900 GB of its data stolen by an unknown hacker.
But the hacker has not yet publicly released anything from the stolen data archive, which includes its customer information, user databases, and a massive amount of technical data regarding its hacking tools and products.
Instead, attackers are looking for possible opportunities to sell the access to Cellebrite system and data on a few selected IRC chat rooms, the hacker told Joseph Cox, contributor at Motherboard, who was contacted by the hacker and received a copy of the stolen data.
Meanwhile, Cellebrite also admitted that it recently experienced "unauthorized access to an external web server," and said that it is "conducting an investigation to determine the extent of the breach. The impacted server included a legacy database backup of my.Cellebrite, the company's end user license management system."
The 900 GB of stolen archive also includes login data (usernames and passwords) of Cellebrite customers, which suggests that it has been taken from the web servers related to Cellebrite's site.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
The dump also contains "evidence files from seized mobile phones, and logs from Cellebrite devices," as well as it appears that company has sold phone hacking tools to repressive regimes, such as Turkey, the United Arab Emirates, and Russia.
On the other hand, the hacker did not clearly state the actual extent of what he/she had done to Cellebrite's systems.
"I can't say too much about what has been done," the hacker told Motherboard. "It's one thing to slap them, it's a very different thing to take pictures of [their] balls hanging out."Cellebrite is known for its powerful hacking tool Universal Forensic Extraction Device (UFED) that help investigators bypass the security mechanisms of mobile phones, especially iPhones, and extract all data, including SMS messages, emails, call logs and passwords from them.
Just a few months back, Cellebrite's most sensitive in-house capabilities were made public by one of its products' resellers, who distributed copies of Cellebrite's firmware and software for anyone to download.