Phone-cracking firm Cellebrite hacked

Source: BBC

Information about the customers of Cellebrite, an Israeli firm that markets hacking tools, has been stolen in a cyber-attack.


The breach was first reported by tech site Motherboard, which said it was sent 900 gigabytes of data by a hacker.

Cellebrite confirmed some information had been taken but said it was not aware of any “increased risk” to clients.

The firm added that it was now notifying affected customers.

Motherboard said the data – which was not distributed online – included “what appears to be evidence files from seized mobile phones, and logs from Cellebrite devices”.

However, Cellebrite did not respond to this in its statement.

When contacted by the BBC, a spokesman said its investigation was ongoing and it had no further information to add.

The firm did say that it recently detected “unauthorised access” on an external web server – activity it described as “illegal” – and that it had launched an investigation into the incident.

It added that the data taken related to an older user account system.

Last year, Cellebrite was linked to the FBI’s attempt to hack an iPhone used by San Bernardino killer Syed Rizwan Farook. The firm has neither confirmed nor denied involvement.

“The information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system,” the company said.

Cellebrite advised users of the my.Cellebrite system to change their passwords.

“The sort of people who use Cellebrite products don’t necessarily want others to know that they’re using it,” said Prof Alan Woodward, a cybersecurity expert at the University of Surrey.

“Law enforcement agencies and perhaps security services will be using it.”

In 2015, hackers stole data from Italian surveillance company Hacking Team and released it on to the web.

The dump included information on countries that had bought Hacking Team products.

“It’s a direct analogy I would say,” Prof Woodward told the BBC. “The embarrassment factor is going to be the same.”

Shadow brokers’ farewell

Separately, 58 hacking tools for Windows PCs were released on to the web by a group calling itself “Shadow Brokers”.

The group announced the release in a farewell message, having attempted to auction the malware online last year. At the time, Shadow Brokers claimed it had been stolen from the NSA.

Besides the newly released files, Shadow Brokers said a full cache of exploits had been left online at a price of 750 bitcoins (£500,000).

Many of the exploits were not “zero days” – attack methods that have not yet been uncovered – but ones that had already been detected by cybersecurity firm Kaspersky, according to one analyst.

“Nobody was willing to pay them,” said Prof Woodward. “They sort of stomped off in a huff, basically.”

Prof Woodward added that while some of the exploits looked “sophisticated” there was no proof that any of the data had been taken from the NSA.

Trump election: US ‘identifies agents behind Russian hack’

Source: BBC

The US has identified the Russian agents behind alleged hacking ahead of the presidential election won by Donald Trump in November, reports say.

The agents, whose names have not been released, are alleged to have sent stolen Democratic emails to WikiLeaks to try to swing the vote for Mr Trump.

Russia denies any involvement and WikiLeaks founder Julian Assange says Moscow was not the source.

Intelligence officials are due to brief Mr Trump, who doubts the claims, later.

Vice-President Joe Biden lambasted the president-elect on Thursday for attacking the intelligence community over the claims, saying it was “absolutely mindless” not to have faith in the agencies.

At about the same time, President-elect Trump appeared to question the intelligence agencies’ findings in a tweet, asking why they decided not to request to examine computers belonging to the Democratic National Committee (DNC).

What are the hacking allegations?

Mr Biden said he had read a US intelligence report outlining Russian involvement, the details of which are emerging in US media.

According to CNNthe Washington Post and NBC News citing intelligence sources, agencies had intercepted communications in the aftermath of the election showing senior Russian government officials celebrating Donald Trump’s win over rival Hillary Clinton.

They had also identified go-betweens who delivered stolen Democratic emails to the Wikileaks website, sources said, without providing further details.

NBC News says the alleged Russian hacking targeted not just the DNC but also the White House, joint chiefs of staff, the department of state and large US corporations.

National Intelligence Director Gen James Clapper, CIA Director John Brennan and FBI Director James Comey are due to brief President-elect Trump on the report in New York on Friday.

An unclassified version will be made public next week.


What do US politicians say?

Vice-President Joe Biden told the PBS network that the report clearly confirmed Russia had tried to “discredit the US electoral process” as part of a systematic campaign to undermine Mrs Clinton.

Her campaign manager, John Podesta, was among those whose emails on the DNC server were hacked.

Mr Biden also criticised Mr Trump for ignoring intelligence on the hack.

“The idea that you may know more than the intelligence community knows – it’s like saying I know more about physics than my professor. I didn’t read the book, I just know I know more.”

Gen Clapper told a hearing of the Senate Armed Services Committee on Thursday that Russian President Vladimir Putin had ordered the hack, and said the motive would be revealed next week.

Republican Senator John McCain, a leading Russia critic in Congress who chaired the hearing, said it was in the interests of all Americans to confront the problem of foreign hacking.

“There is no national security interest more vital to the US than the ability to hold free and fair elections without foreign interference.”

Last week President Barack Obama ordered the expulsion of 35 Russian diplomats from the US over the alleged hacking. Russia has said it will not reciprocate.

What’s Mr Trump’s view?

Mr Trump has repeatedly rejected allegations that the Russian government was behind the hacks.

On Wednesday, he repeated a suggestion that “a 14-year-old” may have been responsible for the breach.

On Thursday, he said he was a “big fan” of intelligence agencies, but later went on to raise questions about they responded to the security breach.

Mr Trump promised last week to reveal information about the hacking, but no announcement came.

His inauguration will take place on 20 January.

What about Russian media? By BBC Monitoring

The pro-Kremlin media line is that the US authorities have failed to present any evidence to substantiate their presidential campaign hacking accusations.

The official Rossiya 24 TV channel says the “US secret services have still not supplied a single piece of evidence”, while the popular web site says Washington has “still not provided any convincing technical data”.

Opposition websites largely cover what the major US networks are reporting, and all note the Kremlin’s denial of involvement.

US reports focus on national security

US media have been voicing concern over the growing divide between their president-elect and the US intelligence community, with the New York Times editorial board singling out Mr Trump’s refusal to accept regular intelligence briefings.

“He is effectively working to delegitimise institutions whose jobs involve reporting on risks, threats and facts that a president needs to keep the nation safe.”

The Washington Post’s David Ignatius views the coming days as a test to see just how supportive of the intelligence system “Trump really is”, comparing his response to hacking claims to the “sort of information fog… Moscow seeks to spawn in its own propaganda campaigns”.

Fox News’ Chris Stirewalt says that after James Clapper’s testimony, it is “clear the nation’s spies are not going to let Trump & Co off the hook here. Their competency, integrity and patriotism have been called into question, and they are not going to let the matter be tabled.”