Connect with us

Hi, what are you looking for?



Hacker Leaks Tools Stolen From Cellebrite

The hacker who recently breached the systems of Israel-based mobile forensics company Cellebrite leaked some tools on Thursday and promised to dump more of the stolen data in the future.

The hacker who recently breached the systems of Israel-based mobile forensics company Cellebrite leaked some tools on Thursday and promised to dump more of the stolen data in the future.

While its investigation is still ongoing, Cellebrite has confirmed that someone had gained unauthorized access to its systems, stealing roughly 900 Gb of data.

According to the company, most of the data represents logs from its end-user licensing system my.Cellebrite and other unimportant files, such as 350 Gb of offline world map backups.

The compromised data does include customer contact information from a my.Cellebrite backup, but the company says “full passwords” or payment information have not been obtained – although it has admitted that some password hashes have been stolen.

Cellebrite also admitted that the hacker gained access to information on technical support inquiries, but claims the exposed files are not related to open support cases.

“Contrary to some erroneous reports, the attack did not impact any Cellebrite intellectual property related to the delivery of Cellebrite Forensic products and services, such as proprietary source code,” the company stated. “There is no increased risk to Cellebrite Forensic customers as a result of normal, ongoing use of Cellebrite UFED software and hardware, including routine software updates.”

In an effort to prove that he had stolen much more than just basic contact information, the hacker leaked what he claims to be “exploits” for iOS, Android and BlackBerry devices.

The download links no longer work, but Vice’s Motherboard learned from forensics expert Jonathan Zdziarski that many of the leaked iOS-related files appear to be widely available tools from the jailbreaking community. Zdziarski said he would not call the leaked files “exploits.”

Advertisement. Scroll to continue reading.

In a message posted on Pastebin, the hacker admitted that the Apple tools are widely available, but claimed that the BlackBerry tools are “worth a look at.”

Cellebrite told Motherboard that the tools leaked this week are part of the distribution package of its application, but reiterated that source code was not compromised.

The hacker said he also plans on leaking what he describes as “a sample of files retrieved via the weaponized Cellebrite update service deployed on MS Windows based devices and desktops (SYSTEM privs) within the customer infrastructure.”

Related: Israeli Firm Can Steal Phone Data in Seconds

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.