Secretive GrayKey Helps New York Cops Hack iPhones for $15,000

2018-07-06 2262 Posted by 3uTools

With its promise to unlock the latest Apple iPhone models, the Grayshift GrayKey has been increasingly popular across local and federal police forces. From the FBI and the Coast Guard to the IRS, U.S. government divisions have become big fans of the hacking box, which hooks up to iPhones via the Lightning port before attempting to find device passcodes.

But, until now, there was no solid evidence GrayShift’s digital lockpick worked as advertised. No case had been documented where the GrayKey had cracked open an actual iPhone. But this week Forbes obtained a successful application for a court order (published below) to allow the Special Narcotics Prosecutor for New York to use GrayKey to unlock a pair of iPhones belonging to a suspect accused of selling crack to an undercover officer.

Legal representation for the suspect, whose name has not been revealed, said they believed GrayKey was successful in gaining access to the client’s iPhones. Jerome Greco, staff attorney at the Legal Aid Society, told Forbes his team was waiting to learn what data was actually obtained from the devices. The client was arrested in summer 2017 and in winter of that year investigators tried to access the phone without GrayKey but failed, Greco explained. The order allowing use of GrayKey arrived this spring, said Greco, who declined to give precise dates to protect the identity of the client. He was also unable to divulge the models of the searched iPhones.

Secretive GrayKey Helps New York Cops Hack iPhones for $15,000

According to the court filing, a forensics expert at the Special Narcotics Prosecutor believed GrayKey would allow him to obtain the iPhones’ passcode and “perform a full data extraction on the devices’ hard drive, SIM card and its applications.” The order was granted by an unnamed New York judge.

GrayKey has become a desired tool across government as it attempts to access Apple’s increasingly secure smartphones. GrayShift was launched in the months proceeding the San Bernardino terrorist incident in 2016, when the FBI asked Apple to help it access the iPhone 5C of shooter Syed Rizwan Farook. Apple declined, and the government was left to find other ways of searching iPhones.

In the months that followed, former FBI director James Comey and his replacement Christopher Wray continued to push industry to come up with solutions to allow access to encrypted phones. But this year, it became clear private industry had developed techniques to access Apple systems. First, Forbes revealed Israeli provider Cellebrite claimed it had a way to crack the latest iOS-based models, right up to the iPhone X. Shortly after, Forbes uncovered Grayshift, then an unheard of Atlanta-based entity cofounded by an ex-Apple security staffer, that was promising much the same as Cellebrite at the cost of between $15,000 and $30,000. Quoting Forbes’ reporting, Congressmen and women sent a letter to FBI director Wray, asking whether the agency was exhausting all options to access iPhones before asking for Apple assistance.

Just recently Apple released an update for iPhones that appeared to counter GrayKey’s effectiveness. Called USB Restricted Mode, the feature disables connections via the Lightning port an hour after the device has been last unlocked. The iPhone can only be charged via the port unless the user unlocks the iPhone. But Grayshift claimed its tools still worked as marketed.

How to trust GrayKey?

Alongside concerns over what secret iOS vulnerabilities GrayKey is exploiting, Greco also brought up anxieties around the reliability of the tool from a legal perspective. He fears that any bugs in the technology could alter what’s on a seized iPhone, which could include evidence used in court.

“I can’t know it doesn’t change something on the phone. I don’t suspect them of doing something malicious, but the nature of code and technology, there are mistakes,” he said.

Greco has similar concerns about Cellebrite’s Advanced Services, where police aren’t given a hacking box as with GrayKey. Instead, Cellebrite asks police to send the devices into labs where its engineers attempt to break Apple’s security measures.

And while vendors say only law enforcement are granted access to the tools, there were regular examples of police misconduct across America every day, Greco added. “They routinely do things that violate the Constitution.”

Source: forbes

Related Articles

Cellebrite Executive Talks iPhone Hacking in Rare Interview