How leaky is the Internet? How many chances does a smartphone have to keep the secrets of the owner, if specialists take on it? We are looking at the offers of the legal market for hack services.
There is a huge, invisible to the citizen world of illegal “hacking”, it sells services and equipment for their provision, and large corporations probably sell their in-house hackers, like sports clubs football players. This is the dark and completely illegal side of the digital world, and in this regard, we will not talk about it. Let's talk better about the 'good guys', whose job it is to investigate and obtain evidence for submission to court. What are they selling now?
Israel
There are several companies in the world that legally manufacture equipment for remote information retrieval. Ordinary citizens have not heard anything about them, despite the fact that they spend budgets as much as smartphone developers in developing their products. One such company is Israeli Cellebrite, still located at 94 Shlomo Schmelzer, Petah Tikva 4970602, POB 3925, Israel. The company's portfolio includes software and physical products for retrieving information from electronic devices, both contact and remote. There is nothing illegal about this, as Cellebrite's target audiences are forensic experts and field agents of government organizations around the world. In other words, nothing will be sold to you unless you pass a thorough background check.
In 2017, the Investigative Department of the Investigative Committee of the Russian Federation for the Volgograd Region passed such an audit and received at its disposal a 'portable hardware complex UFED Touch2 Ultimate Ruggedized (pictured below) for autonomous retrieval of information' for 800,000 rubles.
The company's portfolio includes a tablet, a laptop and something like a candy bar. Unfortunately, it is not possible to find out the real cost of the goods, since for this you need to register and undergo a check on the attitude towards state executive bodies or the General Staff (which will not be passed).
According to the company itself, it is' a global leader in digital intelligence with more than 60,000 licenses deployed in 150 countries, providing law enforcement, military and intelligence services and corporate customers with the most complete, industry-proven set of solutions for digital forensics, sorting and analytics '.
Now, friends, think. What does Cellebrite know if they have their own cloud connected to the hardware they sell? Yes, it is manually activated, but …
Russia
Elcomsoft (founded in Moscow in 1990) sells software products for Windows and MAC that will allow you to crack a locked iPhone (any), recover erased information and collect all passwords in one folder. As in Israel, these information weapons are not sold to just anyone, they carefully check the buyer. As far as I understand, the program is trying to brute force passwords until it finds a suitable one. And the waiting time for hacking directly depends on the power of the computer's central processor and its video card (a mathematical block is used) on which this software runs.
Unfortunately, the company does not offer ready-made devices like a kind of laptop with a small radar that jamming and hacking everyone around. But the price for a product of this kind is also relatively low – only 199,995 rubles for a general license for one copy of the software. Again, it is assumed that there are some additional hidden opportunities for special services. Among the latest achievements of the company, we can note the event on May 17, 2018, when the guys reported on the successful theft of data from Google Drive using the Cloud Explorer 2.10 tool (129995 rubles for MAC and Windows) without entering a password.
All the user's body movements in the smartphone and the cloud become visible, all data are available for download, an identifier works, showing from which device they were uploaded. Also note that Elcomsoft labs use Windows 7, not dubious Windows 10 or MAC.
The company does not live in poverty at all, because for each specific type of hacking, it created a separate software product and hung a nice price tag on it. For example, Elcomsoft Wirelles Security Audi tor Wi-Fi password cracking program with WPA2 / WPA2-PSK encryption type costs only 17,995 rubles. Its performance can be judged by the table:
And even if the table does not indicate a specific time of cracking, but the figure itself – the generation of 650,000 password options per second (also along predetermined boundaries, including the 'mutation' of proper names) – commands respect. These are not pathetic thousands, as in most illegal home-made programs written by dark enthusiasts.
Alas, if Elcomsoft does have hardware for remote hacking of devices over the radio, then they could not be detected.
Cyprus
The undoubted hit of the spring / summer 2018 season is the Cypriot NKVD funnel of the digital age from WiSpear. The nest of the world Wi-Fi hacking on wheels is located at its legal address in Cyprus, and the research center is in the glorious city of Kiev. Obviously, they are registered in Cyprus to avoid taxes, but we are not talking about that now.
The SpearHead 360 minibus is an ordinary car with a powerful computer, several state-of-the-art routers (model unknown) and good Wi-Fi antennas for working at a distance of 500 meters. The kit includes:
What is amazing? Imagination is struck by the price of 5,000,000 US dollars for which they are trying to sell cars. Let's discuss the 'budget option' as if we were building such a 'hack-mobile' ourselves:
'Niva' 4×4 used in normal condition ~ 300,000 rubles, a laptop based on Windows with an NVidia GTX1080 video card ~ from 145,000 rubles, an LTE modem (for communication with the 'base') ~ 2,000 rubles, Wi-Fi router Asus RT-AC53 ~ 3,000 rubles, three pieces of Wi-Fi antennas 'Antex' AX-2420P Mimo 2 × 2 BOX ~ 11,400 rubles, software from Elcomsoft (various) ~ RUB 2,000,000 In total, a makeshift hack-mobile will cost from 2,316,000 rubles (approximately 37,000 USD):
If instead of 'Niva' you take an old bike, it will come out even cheaper, but in this case, you can easily light up. This is just a sketch, give your opinion, what's missing?
USA
Nothing radically new or advanced (against the background of others) companies in this country do not offer or hide it.
Conclusions:
Even from the information that is available in open sources, it is obvious that there is no protection against hacking in smartphones and will not be. And we can only advise the following:
If you don't want your email to be hacked, don't use it.
If you want to prevent your intimate photos from being stolen, do not post them on the Internet.
If you are told that iPhone or Samsung cannot be hacked, do not believe it.
Do not walk around the city with Wi-Fi turned on, there may be a Cypriot car that does not know the words of love.
Ask the Kaspersky Lab and other domestic companies to write software for a PC that would regularly change the password for the router and display the barcode for connection on the monitor screen only to its owner.