Hacker Steals 900 GB of Cellebrite Data
motherboard.vice.com
From TFA, but I switched the paragraph order for this TL;DR:
"Cellebrite is an Israeli company whose main product, a typically laptop-sized device called the Universal Forensic Extraction Device (UFED), can rip data from thousands of different models of mobile phones. That data can include SMS messages, emails, call logs, and much more, as long as the UFED user is in physical possession of the phone."
"The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies."
> “To be honest, had it not been for the recent stance taken by Western governments no one would have known but us,” the hacker told Motherboard. The hacker expressed disdain for recent changes in surveillance legislation.
What specific changes are they referring to?
> The hacker, however, remained vague as to the true extent of what they had done to Cellebrite's systems.
This part of the article where they cite the hacker's answer to this question is a totally useless part of the article IMO.
Didn't read the article, curious how you steal 900GB of data, what kind of internet speed do you have? No one noticed this much data being pulled? I don't personally track my server's bandwidth usage. Guess it's time to read.
I could download that in about 3 hours at home with fiber internet, not that big of a window.
At work we use Google Cloud Storage, so if someone had gained access and were downloading stuff we would have absolutely no idea, not without alerts already set up.
I have Google Fiber, but on the lower end, the 50/50 plan.
Yeah, it just seemed like a lot of data to me. Especially if they are just text files, not images/videos. Depending on database, I don't know. I recently backed up a MySQL database and it was only in the tens of MB, with several tables, some with over 45,000 rows.
That is something to look into: bandwidth monitoring.
It's not hard to get an anonymous server with a good downlink (you can also distribute it across many machines). What makes things complicated is that you must assume that there are admins on the victim's side and you don't want to get noticed. I guess the attackers either inspect the network to assess them, or they just start slow and if nobody notices the upstream for days or even weeks, they can crank up the speed.
Cellebrite's sysadmins didn't do their job, that's for sure.
Data is apparently somewhat aged, so could have been exfiltrated over a period of time.
They did it in a few parts.
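Added example, not part of the thread or the article: a sketch of the bandwidth monitoring discussed in the comments above, showing why a per-hour egress threshold catches a 3-hour bulk download but misses a slow transfer that only a cumulative per-destination window flags. The flow records, destination names and thresholds are constructed assumptions.

```python
from collections import defaultdict

GB = 10**9
HOURLY_LIMIT = 50 * GB    # assumed alert threshold for one hour of egress
WINDOW_HOURS = 24 * 7     # assumed rolling window (7 days)
WINDOW_LIMIT = 500 * GB   # assumed cumulative threshold per destination

def make_sample_flows():
    """Constructed (hour, destination, bytes_out) records, not real data."""
    flows = [(h, "backup.example", 2 * GB) for h in range(240)]       # routine job
    flows += [(h, "burst-dest.example", 300 * GB) for h in (100, 101, 102)]  # 900 GB in 3 h
    flows += [(h, "slow-dest.example", 1 * GB) for h in range(72)]    # start slow...
    flows += [(h, "slow-dest.example", 6 * GB) for h in range(72, 210)]  # ...then speed up
    return flows

def detect(flows):
    """Return {destination: {rule: first_hour_the_rule_fired}}."""
    by_dst = defaultdict(lambda: defaultdict(int))
    for hour, dst, nbytes in flows:
        by_dst[dst][hour] += nbytes
    alerts = {}
    for dst, hours in by_dst.items():
        ordered = sorted(hours)
        found, total, start = {}, 0, 0
        for h in ordered:
            total += hours[h]
            # Drop hours that have slid out of the rolling window.
            while ordered[start] <= h - WINDOW_HOURS:
                total -= hours[ordered[start]]
                start += 1
            if hours[h] > HOURLY_LIMIT:
                found.setdefault("hourly", h)
            if total > WINDOW_LIMIT:
                found.setdefault("cumulative", h)
        if found:
            alerts[dst] = found
    return alerts

if __name__ == "__main__":
    for dst, rules in sorted(detect(make_sample_flows()).items()):
        print(dst, rules)
```

In this sample the slow transfer is only flagged at hour 143, after 504 GB has already left, which is the trade-off the cumulative threshold has to be tuned against.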
This article actually links to the login page:
https://cellevault.cellebrite.com/cas/login?service=https://...
sooo, anybody know where I can get my hands on this?
Hackers did not release the data
Then how did Motherboard get it? In the second sentence: "Motherboard has obtained 900 GB of data related to Cellebrite".
Guessing they were sent the data by the attacker