The Washington Post reports that the FBI paid an Australian firm, Azimuth Security, to unlock a disputed Apple iPhone. The exploits are now known as the “Condor Hack.”The phone was linked to the deadly 2015 San Bernardino shooting.
The Washington Post describes the exploits used to break into the iPhone in March 2016. The process of unlocking the phone became known as the “Condor hack” in intelligence circles.
The phone that created the controversy was seized after its owner, Syed Rizwan Farook, was killed after carrying out an attack that killed 14 people.
FBI Asked Apple for Help
The FBI quickly realized they couldn’t get into the phone. Apple’s security included an iOS 9 feature that would erase the phone after 10 failed password attempts.
The FBI requested help from Apple but the company refused to build a password bypass system. They believed that circumventing their own security, to aid the FBI, would deeply compromise Apple security. And refused to build the requested backdoor into their system.
Apple’s refusal to build a backdoor kicked off a legal 3-month legal battle that only ended when it became public that the FBI’s success in unlocking the phone. The battle was supposed to determine the future of encryption.
In the FBI vs Apple, a judge ordered Apple to comply with the FBI demand to unlock the phone. Apple fought the judge’s order. CEO Tim Cook claimed the order was “an unprecedented step which threatens the security of our customers.”
Azimuth Security found a way to bypass the passcode limitations without setting off the auto-erase. But it took weeks to create the system bypass. And it just took a few hours to figure out the code to open the phone.
Azimuth Security Gained Access to Phone
Reports are that two Azimuth Security experts created the exploit chains underpinning the Condor Hack. Azimuth founder Mark Dowd, 41, an Australian coder has been described as someone who “can pretty much look at a computer and break into it.”
His top researcher David Wang has been working with computers since he was 8. He dropped out of Yale. And won a Pwnie Award at the age of 27. The Pwnie is known internationally as the “Oscar for Hackers.” Wang is an expert at “jailbreaking” phones.
The two worked together exploiting a vulnerability in an upstream software module written by Mozilla. That was the code reportedly used in Apple iPhones through the Lightning port to enable access. So once the hackers developed the first exploit they chained together two more. And gained full control over the main processor, to run their own code.
Then they could write and test software to guess every password combination. The Condor hack took advantage of the opportunity to unlock the phone. But it didn’t last long. Mozilla fixed the Lightning port exploit issue about 2 months after Azimuth used it as a way in.
Condor Hack Finally Made Public in 2021
After the FBI announced its success with unlocking the phone, there were concerns that Apple’s security could have been deeply compromised. In 2017, a judge ruled that the FBI didn’t have to reveal its methods or the hackers’ identities.
The FBI may not have gotten any useful information from the San Bernardino shooter’s phone. And the legal case was dropped before the FBI established any legal precedents.
It may just be a matter of time before the issue arises again. Case law is very murky about whether, or not, the government can compel companies to compromise device security, in order to catch criminals.
Since 2016 there have been several high-profile lawsuits against Apple. And the issues range from users’ privacy to tracking its users without consent.