FBI paid professional hackers to gain access to San Bernardino iPhone – report

Hackers reportedly supply zero-day exploit to allow US law enforcement entry to device, which may put older iPhones at risk of cyber criminals

The FBI reportedly bought a previously unknown security bug from a group of professional hackers to gain entry to the San Bernardino iPhone 5C, according to the Washington Post.

The report suggests hackers supplied at least one so-called zero-day flaw in the iPhone 5C’s security that allowed the FBI to circumvent the lockscreen and automatic wipe feature that kicks in after 10 wrong passcode entries.

The hack meant the FBI dropped its attempt to force Apple to create software to unlock the iPhone 5C, which the company said would put all iPhones at risk.

The FBI has already clarified that the hack bought for a one-time-fee cannot break into newer iPhones, including the iPhone 5S or later, but the hack could affect any iPhone 5C or older, including the iPhone 5 and 4S.

The hackers are said to be professional security experts who probe software, devices and services to find vulnerabilities that they can exploit. They then sell the bugs to governments and third-parties, including those who make surveillance tools similar to the software exposed during a data breach of Italian firm Hacking Team.

The security bugs are not disclosed to the makers of the software or hardware, in this case Apple, because they only retain value while functional. The US government has yet to decide whether it will disclose the vulnerability to Apple, but its hand may be forced if it is required to disclose the information in a criminal case under the rules of discovery.

It is unknown how the hack operates or whether the hackers sold the flaw to any other agencies or third-parties, but if it is not disclosed to and fixed by Apple, it could leave anyone with an iPhone without a fingerprint sensor at risk of having their smartphone hacked.


Samuel Gibbs

The GuardianTramp

Related Content

Article image
San Bernardino iPhone hack won’t work on newer models, says FBI
Director James Comey says US government in discussions over whether to reveal details of purchased hack that only works on 5C and older devices

Samuel Gibbs

07, Apr, 2016 @3:00 PM

Article image
FBI bought $1m iPhone 5C hack, but doesn't know how it works
US law enforcement agency in possession of mechanism for unlocking iPhone 5Cs or older – but identity of hackers closely guarded secret

Samuel Gibbs and agencies

29, Apr, 2016 @8:46 AM

Article image
Snowden: FBI's claim it can't unlock the San Bernardino iPhone is 'bullshit'
NSA whistleblower rubbishes claims that only Apple can unlock killer’s iPhone 5C, indicating FBI has the means itself

Samuel Gibbs

09, Mar, 2016 @11:30 AM

Article image
FBI could force us to turn on iPhone cameras and microphones, says Apple
Eddy Cue warns precedent set by San Bernardino case could lead to company being forced to turn users’ smartphones into surveillance devices

Samuel Gibbs

10, Mar, 2016 @2:33 PM

Article image
FBI to help US law enforcement unlock iPhones, report says
Leaked FBI advisory tells state and local law enforcement that they are ‘in this together’ and federal agency will aid unlocking of iPhones where possible

Samuel Gibbs

04, Apr, 2016 @10:01 AM

Article image
iPhone 5S and iPhone 5C launch to 'brighten everyone's day', says Apple

Apple will launch top-end iPhone 5S and cheaper iPhone 5C in an event to be shown to a select group in China

Charles Arthur, technology editor

09, Sep, 2013 @10:05 AM

Article image
iPhone 5S preview: what to expect from Apple's premium handset

We run through the likely features on Apple's latest premium handset. By Samuel Gibbs

Samuel Gibbs

10, Sep, 2013 @10:36 AM

Article image
Is the FBI v Apple PR war even about encryption?
What the US intelligence agency is asking the tech company to do may not affect mobile security as much as its CEO Tim Cook wants you to believe

Alex Hern

23, Feb, 2016 @10:39 AM

Article image
iPhone 6S security hole lets attackers access contacts and photos without passcode
Security hole allows attackers to quickly access personal information on a locked iPhone 6S or 6S Plus using Siri, Twitter and 3D Touch

Samuel Gibbs

05, Apr, 2016 @10:02 AM

Article image
Apple unveils iPhone 5S and iPhone 5C - video

Two new iPhone models are unveiled at the Apple campus in Cupertino, California, on Tuesday

10, Sep, 2013 @7:06 PM