U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Court documents show FBI could use a tool to access private Signal messages on iPhones

Court documents obtained by Forbes revealed that the FBI may have a tool that allows accessing private Signal messages on iPhones. Court documents related to a recent gun-trafficking case in New York and obtained by Forbes revealed that the FBI may have a tool to access private Signal messages. The documents revealed that encrypted messages can be intercepted from […]

Signal Russia hacker WhatsApp

Court documents obtained by Forbes revealed that the FBI may have a tool that allows accessing private Signal messages on iPhones.

Court documents related to a recent gun-trafficking case in New York and obtained by Forbes revealed that the FBI may have a tool to access private Signal messages.

The documents revealed that encrypted messages can be intercepted from iPhone devices when they are in “partial AFU (after first unlock)” mode.

“The clues came via Seamus Hughes at the Program on Extremism at the George Washington University in court documents containing screenshots of Signal messages between men accused, in 2020, of running a gun trafficking operation in New York.” states Forbes. “There’s also some metadata in the screenshots, which indicates not only that Signal had been decrypted on the phone, but that the extraction was done in “partial AFU.” That latter acronym stands for “after first unlock” and describes an iPhone in a certain state: an iPhone that is locked but that has been unlocked once and not turned off.”

Some forensics security firms. such as Cellebrite and Grayshift/GrayKey, developed platforms for the forensic investigation of mobile devices that allow extraction of sensitive information. In December, the Israeli security firm Cellebrite claimed that it can decrypt messages from the Signal highly secure messaging app.

The tools exploit both software and hardware vulnerabilities to extract data from mobile devices.

Investigators could extract data from iPhone devices in partial AFU mode because encryption keys are stored in memory and could be accessed using specific forensic tools.

At the time of this writing, it is unclear which model of iPhone was accessed by the FBI either the iOS version running on the device.  

“The iPhone in question appears to be either an iPhone 11 (whether Pro or Max) or a second generation iPhone SE. It’s unclear if the police can access private data on an iPhone 12. It’s also not clear what software version was on the device. Newer iOS models may have better security.” continues Forbes. “Apple declined to comment, but pointed Forbes to its response to previous research regarding searches of iPhones in AFU mode, in which it noted they required physical access and were costly to do.”

A Signal spokesperson told Forbes that if someone is in physical possession of a device can exploit an unpatched Apple or Google operating system vulnerability to partially or fully bypass the lock screen, and then interact with the device.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, iPhone)

[adrotate banner=”5″]

[adrotate banner=”13″]