Phone hackers for hire: a peek into the discreet, lucrative business tapped by the FBI
Jonathan Keane finds that many companies could hack a phone, but, unsurprisingly, they don’t advertise
hen the FBI paid someone to crack the San Bernardino shooter’s iPhone, it didn’t just deftly bypass Apple’s objections. It also made the public aware of the business side of hacking – a business that is apparently as lucrative as it is discreet. “The recent argument between Apple and the FBI over unlocking an iPhone has likely revealed to the public for the first time that companies who specialise in cracking mobile devices even exist,” said Bill Anderson, chief product officer at OptioLabs (optiolabs.com), a mobile-security developer.
Everything we learn about the FBI’s hackers makes the situation more intriguing. Initial reports indicated the agency was using the services of Israeli mobile forensics firm Cellebrite to crack open Syed Rizwan Farook’s iPhone. Since then, a report in the Washington Post claimed the FBI hired independent professional hackers, who used a zero-day exploit (a vulnerability
Wunknown to Apple). Another report revealed that the FBI is now willing to help local law enforcement agencies around the country crack iPhones they have in evidence.
Though the FBI has remained quiet on any specifics, a recent remark by FBI Director James Comey suggested the fee for the hack was well over a million dollars. Most recently, the FBI declined to divulge details to another government program (the Vulnerabilities Equities Process), claiming ignorance of how the hack actually worked.
Cellebrite, or whoever it may be, is just one company that can attempt to unlock a phone in law enforcement’s possession, but now we – and profit-minded hackers – also know how profitable this business can be, pointed out Shane McGee, chief privacy officer at cybersecurity firm FireEye. “That publicity is like a beacon to vulnerability researchers and security experts that would otherwise show little interest in hacking iOS,” he told us.
Beyond one phone
Farook was using an iPhone 5c, so there could be other vulnerabilities in this phone and others that have yet to be found – and possibly monetised. “While most researchers that discover vulnerabilities practice
The argument between Apple and the FBI over unlocking an iPhone has likely revealed to the public that companies who specialise in cracking mobile devices even exist