Machines anyone can buy on eBay should worry iOS and Android users

Machines anyone can buy on eBay should worry iOS and Android users
Need to break into a locked Apple iPhone, or Android smartphone? Purchasing a hacking tool from Cellebrite, the Israeli firm that sells them to law enforcement, businesses and the military, will normally cost $6,000 and up for a new box. If you can't afford to purchase a new Cellebrite machine, you might be able to find one on eBay for as little as $100.

The company became famous in 2016 when a court ordered Apple to unlock an iPhone 5c belonging to San Bernardino shooter Sayed Farrok. Apple refused to do so, saying that it would have to create a whole new version of iOS in order to comply. The company worried that such software could be stolen by hackers. Eventually, the FBI said that it paid another firm, believed to be Cellebrite, to unlock the phone. The agency found no useful information inside Farook's iPhone 5c.

Apparently, former Cellebrite users needing to raise cash are selling them on eBay for prices as low as $100, despite pleas from the company not to do so. Cellebrite is concerned that equipment purchased from the online auction site could be used to illegally break into people's phones. And they are also concerned that a Cellebrite machine not properly wiped could offer up a treasure trove of information related to the previous use of a specific machine.

For example, one researcher who purchased a dozen of these boxes found data on them revealing the names of the devices that they were used on, the date when this took place, and these phones' unique IMEI numbers. The latter can be used to track down any of the phones that the previously owned Cellebrite machines were used on. Chats and contact lists can also be found on previously used hacking boxes.

A Cellebrite rival, GrayShift, has a similar box called GrayKey that uses a technique called "brute force" to unlock iPhones. With this process, the box runs through all possible combinations of numbers and letters to find the correct combination. The device is plugged into an iPhone's Lightning port to unlock it. In iOS 12, Apple launched USB Restricted Mode, which restricts the use of the port to communicate with another device if the phone has not been unlocked for over an hour. GrayShift said last summer that its box has other capabilities to tay one step ahead of Apple.

If regular people are picking up Cellebrite and other cracking devices on the cheap, it doesn't bode well for those who expect the information they put on their phones to remain private.



1. ph00ny

Posts: 2055; Member since: May 26, 2011

It's not that simple. In order for someone to read the contents of the image extracted by cellebrite ufed, you still need the software component of it. One other thing to note is that when you create a physical image of the device, it can also reestablish deleted items. I've once found 4k+ deleted text messages from the physical image created from a black berry device. Don't assume your deleted contents are gone forever. Just as it is on computers, when you delete something, it doesn't delete the content until it gets overwritten and it merely removes it from the index

5. TheOracle1

Posts: 2340; Member since: May 04, 2015

Forget all that. There's the little problem of getting a hold your phone first.

7. ph00ny

Posts: 2055; Member since: May 26, 2011

Places where devices like these are used, getting ahold of custodian's device is rarely the problem. Most of the time, surrender of the device is required and agreed on

2. CTHR100

Posts: 22; Member since: May 12, 2017

I feel like this article is almost a scare tactic for people. And written poorly to get people to read and feel insecure about what they have. As is already stated, it's not as simple as simply plugging in a phone into the machine and getting all the info from all the previous devices. Also, it is not normally people who have ill intentions buying these. Prefacing that these devices exist and the most common use for them is hailbraking an iPhone, or gov agencies using them for security reasons, even large companies use these on their employee provided phones if they feel they need to. Again, scare tactics.

3. airoid

Posts: 130; Member since: Dec 13, 2016

This device is for cracking iOS, but why the title mention Android?

6. ph00ny

Posts: 2055; Member since: May 26, 2011

It's not a single purpose device designed for "cracking" ios. It's a device designed to extract physical/logical image of a device for various purposes including evidence management/forensic investigations, etc

10. civicsr2cool

Posts: 273; Member since: Oct 19, 2016

theyre used more for "cracking" Androids than they are for "cracking" iPhones..

8. mel0524

Posts: 81; Member since: Mar 02, 2017

The cellebrite machine sells on eBay is just old as 4-5yrs back. That doesn't support iOS devices to read passcode data. As you can see is cheap! Those are just for contact transfers data lol

11. matistight

Posts: 997; Member since: May 13, 2009

Please fire whoever wrote this for not doing their research. These things can't even pull contacts even if you HAVE the password to the phone, click trust and have iCloud on. If someone finds your phone, this machine will be able to do NOTHING without having a password. And with android phones, usb debugging must be on.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.