According to the Enlace Hacktivista group, the Cellebrite and MSAB data (both are smartphone forensic firms) was provided to them by an “anonymous whistleblower.”
The Israeli mobile forensics firm, Cellebrite, has apparently suffered yet another data breach in which hackers managed to steal 1.7 TB of data. The hackers are also claiming to have stolen 103 GB of data from MSAB, a Sweden-based forensics firm.
In both cases, the trove of information is available for download on DDoSecrets and the official website Enlace Hacktivista. It is worth noting that, according to Enlace Hacktivista, the Cellebrite and MSAB data was provided to them by an “anonymous whistleblower.”
Cellebrite Data Leak Details
The Petah Tikva, Israel-based Cellebrite is frequently criticized for aiding governments with its tools and spyware to monitor the activities of human rights activists, officials, dissidents, and journalists.
Cellebrite UFED (Universal Forensics Extraction Device) is among its most famous services availed by intelligence agencies and law enforcement authorities globally to access data from mobile devices seized during investigations.
This time, however, the company has become a target of the data breach. The data was later posted online by Enlace Hacktivista and DDoSecrets. Further analysis revealed that 103 GB of data from MSAB, a Sweden-based forensics firm, was also leaked. The firm is criticised for providing services to repressive regimes including Myanmar’s security forces.
Both databases are currently being offered for downloading through torrents and direct downloads from DDoSecrets and Enlance Hacktivista.
Here, it is worth mentioning that Cellebrite is known for breaking into passcode-secured smartphones, including Android and iOS devices, and extracting their data. In fact, in 2019, the company claimed its new tool could unlock “almost any iOS and Android device.
Reportedly, Cellebrite also played a major role in unlocking the iPhone device of San Bernardino back in 2016. Nevertheless, the apparent hack should not come as surprise since Cellebrite has a history of data breaches.
Previous Cellebrite Data Breaches
- Cellebrite Hacked; 900 GB data stolen
- Anonymous Source Leaks 4TB of Cellebrite Data
- Signal CEO hacks Cellebrite cellphone hacking tool
- iPhone hacking tool Cellebrite is being sold on eBay
- Hacker Dumps Hacking Tools Stolen from Cellebrite
Who Stole the Data?
Enlance Hactivista’s homepage revealed that they received the data from an anonymous whistleblower. They received it on January 13th, 2023. However, DDoSecrets and Enlance Hacktivista hadn’t made any claims about the source of data, its validity, and the sender’s identity.
What Data is Leaked?
An analysis of the 1.7TB archive indicated that it contained the full suite of Cellebrite programs. This includes its flagship software UFED, the Physical Analyser, Physical Analyser Ultra, license tools, and the Cellebrite Reader.
Moreover, there were technical guides and files used to localize the software. Customer documents were also part of the archive, dated from November 19th to December 3rd, 2022.
It is reported that sensitive data wasn’t leaked, and Cellebrite’s systems or customer information wasn’t impacted. Most of the leaked files are world maps and translation packs.