How the FBI Hacked the Trump Shooter's Phone

Seytonic

18 Jul 202410:17

Summary

TLDRThe FBI claims to have hacked a failed Trump assassin's phone, potentially using Israeli tech from Cellebrite. AT&T suffers a massive data breach affecting over 100 million customers, with a hacker demanding a $1 million ransom. Apple removes VPN apps from the Russian App Store at the government's request, raising questions about corporate compliance with authoritarian laws.

Takeaways

🔍 The FBI has reportedly hacked the phone of Thomas Matthew Krook, a failed Trump assassin, using undisclosed methods.
📱 Speculation suggests the phone might be a Samsung model, possibly the A25, based on leaked images.
👁️‍🗨️ Law enforcement might have used the deceased's fingerprint to unlock the phone, exploiting the brief window where the electric charge in the body remains.
🔐 The phone was sent to an FBI lab in Quantico, Virginia, where it was unlocked using technology from Cellebrite, an Israeli forensics company.
🤖 Cellebrite's tools exploit vulnerabilities in iPhones and Android devices, allowing data extraction from both 'hot' and 'cold' devices, though the specifics are kept secret.
💼 Proton Mail is highlighted as a privacy-focused email service, protected by Swiss privacy laws, and offering a free tier along with a comprehensive privacy ecosystem.
📉 AT&T has suffered a massive data breach, with a hacker stealing call and SMS records of nearly all of its customers, affecting over 100 million people.
🔒 The breached database was protected by a single username and password, lacking multi-factor authentication, making it vulnerable to attacks.
💸 The hacker, allegedly part of the group Shiny Hunters, demanded a ransom from AT&T, which was reportedly paid in part, with a video provided as proof of data deletion.
🚫 Apple has removed dozens of VPN apps from the Russian App Store at the request of the Russian government, affecting popular services like NordVPN, Proton, and PIA.
🏛️ The Russian government's actions against VPNs are part of a broader trend of controlling internet access and limiting privacy, with inconsistent enforcement due to reliance on individual ISPs.

Q & A

What did the FBI claim about hacking the phone of the failed Trump assassin?
-The FBI claimed that their technical specialists successfully gained access to Thomas Matthew Krook's phone. The hacking methods used by the FBI depend on the model of the phone the assassin had.
What clues were there about the type of phone the assassin had?
-Pictures leaked to the press suggested that the phone was an Android device, possibly a Samsung model with three cameras on the back, a flash, and a brand name at the bottom.
How might the FBI have unlocked the phone if it was locked with fingerprint recognition?
-There are reported cases of law enforcement exploiting a corpse's finger to unlock a phone, but this is only possible soon after a person dies because fingerprint scanners rely on the electric charge running through the body.
What is the difference between a 'hot' and 'cold' device in terms of data extraction?
-A 'cold' device is one that has just been rebooted, making user data inaccessible until a passcode is entered. A 'hot' device is one where the user data is accessible because the decryption key is loaded into memory, even if the device is locked again.
What is the significance of the decryption key in a 'hot' device?
-The decryption key, loaded into memory when a device is 'hot', allows for easy extraction of data from the device. This key remains in memory even if the device is locked again, facilitating data access.
What was the role of Cellebrite in unlocking the assassin's phone?
-Cellebrite, an Israeli forensics company, provided the technology used to unlock the phone. Their tools exploit vulnerabilities in iPhones and Android devices to break into and unlock many modern phones.
What was the impact of the AT&T data breach?
-The breach affected over 100 million people, exposing their call and SMS records from 2022 to October 2022. The database included AT&T customer phone numbers and a list of other phone numbers they interacted with.
Why was the AT&T breach particularly concerning?
-The concern arises from the potential combination of this data with other breaches, such as the Facebook data dump of 2021, which could be used to uncover personal identities and relationships, leading to targeted exploitation.
What was the hacker's demand in the AT&T breach?
-The hacker, allegedly a member of the group Shiny Hunters, demanded a $1 million ransom from AT&T, but reportedly settled for $370,000.
Why did Apple remove VPN apps from the Russian App Store?
-Apple removed the apps at the request of the Russian government, which has been trying to restrict the use of VPNs in the country.
What is the potential issue with Apple's compliance with the Russian government's request to remove VPN apps?
-Critics argue that Apple's compliance may be motivated by a desire to retain revenue from the Russian market and that it supports authoritarianism by aiding in censorship.