The FBI used an unreleased Cellebrite tool to get into the Trump shooter’s phone


Investigators at the FBI’s Pittsburgh field office first tried to open Thomas Matthew Crooks’ phone with a Cellebrite tool but weren’t able to break into it. The phone was sent to the FBI lab in Quantico, Virginia, on Sunday, where agents called Cellebrite’s federal team, people familiar with the investigation told Bloomberg. Cellebrite sent the FBI an unreleased tool that’s still in development, which was able to unlock Crooks’ phone in 40 minutes.

The Verge has reached out to Cellebrite for comment. The FBI declined to comment.

The speed with which the FBI was able to unlock Crooks’ phone is illustrative of the advancements in mobile device forensic tools (MDTFs) in recent years — but the fact that investigators couldn’t crack the phone using tools currently on the market shows how developments in operating systems can quickly render these tools obsolete. 

Crooks had a newer Samsung phone that runs on an Android operating system. Internal Cellebrite documents obtained by 404 Media show that the Cellebrite tools currently on the market have failed to unlock many phones running iOS 17.4 or newer, as well as Google Pixel 6, 7, and 8 phones that have been turned off.

In a briefing with members of Congress on Wednesday, the FBI said Crooks had searched for the dates of former President Donald Trump’s public appearances, as well as the dates of the Democratic National Convention in Chicago, according to various media reports. Crooks also reportedly looked up prominent figures, including FBI Director Christopher Wray and Attorney General Merrick Garland. 

According to media sources, FBI officials also said they found a Steam profile they believed belonged to Crooks and that Crooks posted an ominous warning message ahead of the shooting that read, “July 13 will be my premiere, watch as it unfolds.” CNN later reported that investigators now believe the account is fake.



Source link