cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Software suite of Israeli security firm Cellebrite leaks online

In a case of who watches the watchers (who secures the security companies, perhaps?), Cellebrite’s suite of surveillance software has been posted online.

user icon David Hollingworth
Mon, 16 Jan 2023
Software suite of Israeli security firm Cellebrite leaks online
expand image

According to hacking resources site Enlace Hacktivista, an “anonymous whistleblower” shared the leaked software and files, and the site then decided to share it with all and sundry online.

“An anonymous whistleblower sent us phone forensics software and documentation from Cellebrite and MSAB,” said Enlace Hacktivista on Friday last week. “These companies sell to police and governments around the world who use it to collect information from the phones of journalists, activists, and dissidents. Both companies’ software is well documented as being used in human rights abuses.”

The data, totalling 1.7TB of data, is available in both as torrent file and as a direct download.


MSAB is another surveillance and data forensics outfit, though one based in Sweden.

The Cellebrite data includes its UFED platform, in both standard and cloud versions. According to Cellebrite, this software is “The industry standard for lawfully accessing and collecting digital data”.

Also included are a selection of the company’s “physical analyser” software platforms, and a wide range of localisation files for various languages, including Khmer, Kurdish, and Lithuanian.

The MSAB files are packaged together in a single 96GB .zst file. MSAB’s software has similar functionality to Cellebrite’s.

Cellebrite’s software has been used to spy on journalists in Botswana, and been involved in human rights abuses across the globe, according to digital rights organisation Access Now, while MSAB’s software has been utilised by repressive regimes such as that ruling Myanmar.

Cellebrite, in particular, is aware of how its software is being used, and what that might mean for the company’s reputation. It said in a 2021 investor report that its “products may be used by customers in a way that is, or that is perceived to be, incompatible with human rights”. It also noted that “any such perception could adversely affect [its] reputation, revenue and results of operations”.

“Despite that, the company keeps selling their products to repressive regimes and enabling detentions, prosecutions, and harassment of journalists, civil rights activists, dissidents, and minorities around the world,” writes Natalia Krapiva and Hinako Sugiyama for Access Now.When asked to comment on the leak, Cellebrite denied it was their whole catalogue, as some early reports stated.

"We are aware of the post," a Cellebrite spokesperson told us. "There was no sensitive information exposed. Additionally, neither Cellebrite’s systems nor customer information were jeopardised. The post contains files that are available to Cellebrite customers and will not work without an active license."

"The overwhelming majority of the files are world maps and translation packs, which were likely included to inflate the size and gain undue attention," they added.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.