Skip to main content

Cellebrite didn’t do it: Gray-hat hackers unlocked cell phone for FBI

1129714 autosave v1 hackers22
Professional hackers known as gray hats helped the FBI crack the San Bernadino cell phone Shutterstock
Professional hackers used software and hardware to help the FBI unlock the San Bernadino terrorist’s iPhone 5C. Previously Israeli security company Cellebrite was widely assumed to be the source of the unidentified assistance. In the end, however, it was hackers-for-pay who got the job done, according to a report in the Washington Post.

Ordinarily, too many PIN number retries on an iPhone 5C eventually would have trashed all the device’s data. Because a “brute force” effort to try all possible PINs wouldn’t work, another solution was sought. The hired hackers apparently used a two-step process which involved first writing code that defeated the PIN number security features, and then using at least one previously discovered software flaw to create hardware that cracked the phone, allowing the FBI to access the 5C’s data.

Gray hat is the term used to describe professional hackers who sell their discoveries and expertise, typically to government agencies and businesses. The description is midway between “black hats”  and “white hats.” Black hats hack illegally, whether for pay, to steal information, to gain access to restricted sites for personal gain or vendetta, or just to cause a ruckus. White hats are hackers who disclose vulnerabilities or solutions as a public service. In this case, gray hats were the ones who helped the FBI.

Wide reports including one from an Israeli newspaper previously suggested Cellebrite was the company that cracked the terrorist’s phone. The U.S. government acknowledged that a number of companies had offered help, but did not disclose who provided the solution that worked.

Still in question is whether the FBI will disclose the procedure it used. The FBI Director has previously said the tricks used are only good for iPhone 5Cs running iOS 9. Apple and other firms have an interest in knowing how the security is defeated, but in this case Apple has stated that it won’t sue the U.S. government for the information. Encryption and personal privacy issues as they affect national security and law enforcement investigations remain major concerns of all parties.

Editors' Recommendations

Bruce Brown
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
FBI to help unlock an iPhone in Arkansas murder case
apple new york iphone doj passcode

Just days after the FBI, possibly through a third party, successfully hacked into the iPhone linked to one of the San Bernardino terrorists, the government agency is expanding upon its new-found abilities, this time in Arkansas. Officials have promised to aid a local prosecutor in his attempts to unlock an iPhone and an iPod that belong to two teens accused of murdering a couple in Conway, postponing the impending trial by a few months.

According to Faulkner County Prosecuting Attorney Cody Hiland, the federal agency approved his request on Wednesday afternoon, and it seems that the FBI has received a number of similar requests since first cracking the San Bernardino device. The ability to bypass Apple's security has been at the heart of an ongoing privacy debate between tech companies and the American government, and despite the agency's success in unlocking an iPhone without its maker's help, the issue remains a contentious one. 

Read more
FBI drops its fight with Apple over shooter's recovered iPhone 5C
fbi apple vacate whos with or

Looks like the feud between Apple and the FBI is over – at least for now -  as government officials told the press on Monday that a third party managed to unlock the controversial iPhone 5C that was previously assigned to Syed Rizwan Farook, one of the individuals of the December 2015 San Barnardino shootings. Unfortunately, there is no information regarding who unlocked the phone, or what was obtained from the device.

Before the device was unlocked by an unknown party, the FBI faced a roadblock thanks to the phone’s passcode feature, which would begin deleting information if the code was entered incorrectly more than ten times. Since the iPhone 5C encrypts its storage, there was no way to access it without knowing the passcode -- or so everyone thought.

Read more
Cellebrite may be third party offering to crack San Bernardino shooter’s iPhone
apple 2016 first quarter iphone 6s plus review camera

After the showdown between Apple and the FBI was resulted in a postponement, there was a scramble to find out which "third party" was offering the government a way to crack the San Bernardino shooter's iPhone -- and according to Israeli newspaper Yedioth Ahronoth, it's Israeli firm Cellebrite.

On March 21, U.S. Magistrate Judge Sheri Pym had a conference call with Apple's lawyers and representatives for the United States. The conversation involved Apple trying to convince the judge to vacate the court order that compelled it to offer a backdoor into the iPhone of the shooter that killed 14 people in San Bernardino last December. The FBI moved to postpone the hearing after it learned of another possible way to get into the iPhone without Apple's help at all.

Read more