Last year, the FBI ordered Apple to help crack the iPhone 5c owned by Syed Farook, one of the shooters in the 2015 attacks in San Bernardino. Apple refused, and the FBI reportedly worked with Cellebrite, an Israeli firm that specializes in mobile security. According to a statement from Celelbrite last month, a hacker breached one of its legacy servers. Now the hacker has released some of that data as a warning to the FBI.
The data released includes code that seems to relate to Cellebrite’s Universal Forensic Extraction Device (UFED), and can allegedly crack older iPhones like the 5c as well as Android and Blackberry devices.
Speaking anonymously to Motherboard, the hacker explained that simply creating these tools makes their release inevitable, where they can be used by anyone with technical knowledge, including oppressive regimes around the world.
“It’s important to demonstrate that when you create these tools, they will make it out. History should make that clear,” they told Motherboard.
The ReadMe files on Pastebin.
Claiming to have taken the tools from Cellebrite’s own servers, the hacker says they were able to get into the encrypted files and post them on Pastebin, a popular code repository. Some of the code seems to have been lifted from publically accessible jailbreaking code, as well.
A spokesperson for the firm told Motherboard that the files did not include source code, only packaging information.
Apple CEO Tim Cook said at the time that creating this type of “backdoor” software would be “terrible for public safety.”
While the currently released cracking tools do not include ways to break into current device models, the warning is clear: Once made, tools like this don’t stay private for long.