Apple's iOS operating system is considered one of the most secure on the market. However, even this software cannot withstand everything. In recent years, cases have repeatedly surfaced in which cyber criminals have managed to circumvent the system's security measures. Now the last barrier that protected new iPhones from access by intelligence services seems to have fallen.
Now even new iPhones are no longer safe
The US Federal Bureau of Investigation (FBI) has been struggling with a significant problem since the release of iOS version 17.4: investigators could no longer crack suspects' smartphones with the tools they used. This limited their options in digital forensics and made it more difficult to obtain possible evidence. However, this hurdle has recently become a thing of the past.
On X, the team behind the GrapheneOS custom ROM project revealed that data mining company Cellebrite has released a new version of its iOS Support Matrix, a document that provides detailed information about which iOS versions and device models are supported by Cellebrite Premium services – the services that agencies like the FBI use to bypass iPhone security measures.
The Israeli digital forensics company's services make it possible to extract and decrypt data from iOS devices, even if they are locked or encrypted. The matrix helps investigators understand which devices and software versions are compatible with the extraction tools.
Not only criminals in the crosshairs
Cellebrite's technologies and tools, including Cellebrite Premium, could potentially be abused by cybercriminals if they fall into the wrong hands. With access to these tools, criminals could extract personal data, unlock devices, and extract confidential information without authorization. This could facilitate identity theft, financial fraud, and other forms of cybercrime.
In addition, cybercriminals could use the ability of Cellebrite products to crack encryption and bypass security protocols. Cybercriminals and authoritarian regimes also abuse other software in a similar way, such as the “flying Trojan” Pegasus. Dictatorships sometimes use it to spy on activists, opposition figures and journalists.
What about Android phones?
A look at the Cellebrite Premium 7.69.5 Android Support Matrix from July 2024 reveals that the tool is still unable to crack locked devices running on GrapheneOS. “A locked GrapheneOS device also reverts from AFU to BFU after 18 hours by default,” the team explained via X.
- AFU: After the first activation of the operating system
- BFU: Before the first activation of the operating system
In principle, however, users of most Android devices are not safe from access via Cellebrite Premium.
Source: X/@GrapheneOS
By Philipp Rall