Cellebrite digital forensics tools leaked online by a reseller

The firmware used by the Israeli mobile forensic firm Cellebrite was leaked online by one of its resellers, the McSira Professional Solutions.

Do you know Cellebrite? It is an Israeli firm that designs digital forensics tools that are used by law enforcement and intelligence agencies to examine mobile devices in investigations.

It became famous when the dispute between Apple and the FBI on the San Bernardino shooter’s iPhone monopolized the headlines.

In April, the FBI director James Comey confirmed the agency used a tool bought from a private source to access the iPhone because Apple refused to help the DoJ in cracking into the San Bernardino terrorist iPhone. Experts speculated that the company is the Israeli mobile forensic firm Cellebrite.

Comey did not provide further details on the hacking tool it has bought and its limitation.

Now the same company is the victim of an embarrassing incident. The Cellebrite hacking firmware was leaked online by one of its resellers, the McSira Professional Solutions.

McSira shared links to download the latest firmware and software versions for his customers. Of course, curious, hackers, competitors, and security researchers accepted the gift.


The reseller hosts software for various versions of Cellebrite’s Universal Forensic Extraction Device (UFED), which is one of the core products of Cellebrite used to bypass the security mechanisms of mobile devices, such as the iPhones. The tool could be used to access the mobile device and extract all sensitive data is includes.

McSira is allowing anyone to download the firmware for the UFED Touch and UFED 4PC (PC version) and copies of UFED packages that could be used to hack into different mobile phone devices, including Apple, Samsung, Blackberry, Nokia, and LG models.

The reseller is also distributing copies of UFED Phone Detective, the UFED Cloud Analyzer and Link Analyzer, that are used by law enforcement to investigate date on seized devices.

Of course, security experts and mobile forensics investigators have already started examining the leaked software to understand the techniques implemented by Cellebrite for its hacking tools.

Mike Reilly, a representative with Cellebrite, told Motherboard that the McSira website’s links “don’t allow access to any of the solutions without a license key.” Hackers need a key in order to use the software, but it is likely that soon someone will be able to obtain it by analyzing the leaked applications.

Let’s wait for an official comment from McSira and Cellebrite.

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2021

We are in our 9th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.