Cellebrite UFED and MSAB mobile forensics & hacking tool source code leaked by hacktivista

Cellebrite, an Israeli company that specializes in mobile forensics, seems to have been the victim of yet another data breach, in which hackers made off with 1.7 terabytes worth of information. Additionally, the hackers claim that they took 103 gigabytes of data from the forensics company MSAB, which is located in Sweden.

Both DDoSecrets and the official website Enlace Hacktivista make the wealth of information downloadable for users. In both situations, the information can be found here. It is important to note that, according to Enlace Hacktivista, the material pertaining to Cellebrite and MSAB was sent to them by a “whistleblower who wishes to remain unknown.”

On the webpage of Enlance Hactivista, it was disclosed that the organization obtained the material from an unknown whistleblower. The 13th of January, 2023 was the day it was delivered to them. On the other hand, neither DDoSecrets nor Enlance Hacktivista had made any assertions about the data’s origin, its veracity, or the identity of its sender.

An examination of the 1.7 terabyte archive revealed that it was stocked with the whole collection of Cellebrite software. This comprises the company’s main software, known as UFED, as well as its Physical Analyzer and Physical Analyzer Ultra products, as well as its licensing tools and Cellebrite Reader.

In addition, there were technical guidelines and files that were used in the process of localizing the program. Documents pertaining to customers, with dates ranging from November 19th to December 3rd, 2022, were also included in the archive. The company Cellebrite, which is headquartered in Israel and sells tools and spyware to governments, is regularly condemned for assisting governments in monitoring the actions of human rights activists, officials, dissidents, and journalists.

Cellebrite UFED, which stands for “Universal Forensics Extraction Device,” is one of the company’s most well-known services. Intelligence agencies and law enforcement authorities all over the world use it to access data from mobile devices that have been confiscated in the course of investigations.

The corporation, on the other hand, has turned out to be a target of the data breach this time. After some time, the information was published on the internet via Enlace Hacktivista and DDoSecrets. After further investigation, it was found that 103 gigabytes of data belonging to MSAB, a forensics company located in Sweden, had been compromised. The company has been under fire for giving its services to oppressive governments, such as those in Myanmar, particularly the country’s security forces.

Downloads of both databases may now be obtained through DDoSecrets and Enlance Hacktivista via torrents and direct downloads, respectively.

It is crucial to point out at this juncture that Cellebrite is notorious for cracking cellphones with password protection and stealing the data stored on them. These smartphones include both Android and iOS devices. In fact, the business claimed that its new tool could unlock “virtually every iOS and Android device” in the year 2019.