Signal Creator Reportedly Exploited Vulnerabilities in Cellebrite Data Extraction Devices

3 years ago

The the creator of messaging app Signal, has written a long blogpost calling out various vulnerabilities in Cellebrite’s devices.

A new report from Vice reports that the founder of security-focused messenger Signal, Moxie Marlinspike, revealed today that he found and exploited vulnerabilities in software from Cellebrite, a company that specializes in digital forensics tools that have been used by authorities around the world to extract data from phones.

According to Marlinspike’s analysis of the company’s tech, its software is itself full of security vulnerabilities, explaining that he obtained a Cellebrite-branded package containing dongles, its latest software, and cables after he saw it “fall off a truck ahead of me.”

Analyzing the software, he found that it was possible to hack Cellebrite’s software by leaving specially designed lines of code inside apps on a phone that’s being targeted, like booby traps.

“Anyone familiar with software security will immediately recognize that the primary task of Cellebrite’s software is to parse ‘untrusted’ data from a wide variety of formats as used by many different apps. That is to say, the data Cellebrite’s software needs to extract and disply is ultimately generated and controlled by the apps on the device, not a ‘trusted’ source, so Cellebrite can’t make any assumptions about the ‘correctness’ of the formatted data it is receiving. This is the space in which virtually all security vulnerabilities originate.”

So he placed an innocuous-looking though specially-formatted file on the device that Cellebrite’s software would eventually scan. After that, the attackers could remotely execute any arbitrary code that could modify the unlocker device’s report. Additionalle, the code can modify past and future reports to make authorities question the authenticity of the device.

To demonstrate the possibilities of the hack, the Signal team used the MessageBox Windows API to display the message that read: MESS WITH THE BEST, DIE LIKE THE REST. HACK THE PLANET!

At the end, Marlinspike notes that Cellebrite appears to be using Apple iTunes DLLs, which is very likely a breach of copyright. The blog post is definitely worth the read

P.S. Help support us and independent media here: Buy us a beer, Buy us a coffee, or use our Amazon link to shop.

Other articles in the category: News

iOS 17.5 Beta 3 Download and More Released for Developers

After Apple announced today a special event for May 7, likely to debut iPad updates, the company has released another round of beta software updates for developers. Available now is iOS 17.5 beta 3, alongside other equivalent builds: iOS 17.5 beta 3 iPadOS 17.5 beta 3 macOS 14.5 beta 3 tvOS 17.5 beta 3 visionOS...

Gary Ng

9 hours ago

After 14 Years, Apple to Finally Release Calculator App on iPad

In a move that has been long-awaited by iPad users, Apple is gearing up to launch a built-in Calculator app for the iPad as a key new feature of iPadOS 18.

Usman Qureshi

10 hours ago

Microsoft’s New Phi-3 AI Model Can Run on Smartphones

Microsoft has just rolled out Phi-3, its latest open-source small language model designed to revolutionize the capabilities of compact AI models.

Usman Qureshi

11 hours ago