Hackers Find Android Phones Easier to Breach Than iPhones, According to Forensics Experts

404 Media has published two documents purportedly intended for clients of the Israeli digital intelligence company Cellebrite.

Android-based phones might be easier targets for hackers and government agencies than iPhones, according to news outlet 404 Media, citing leaked documents allegedly intended for the customers of Israeli digital intelligence company Cellebrite.

The issue of cellphone users’ privacy has recently been in the spotlight after the FBI revealed on Monday that its “technical specialists successfully gained access to Thomas Matthew Crooks’ phone.” Authorities declined to disclose the type of device used by the suspected shooter in the attempted assassination of former President Donald Trump.

Over the past few years, reports have emerged suggesting that thousands of politicians, journalists, activists, and business figures worldwide have had their cellphones accessed using the Israeli spyware program Pegasus. Once installed, the software allegedly enables the hacker to read messages, browse photos, track the person’s location, and even activate the camera and microphone without the phone owner’s knowledge.

In its reports on Wednesday, 404 Media alleged that an anonymous source recently provided two documents dated April, titled “Cellebrite iOS Support Matrix” and “Cellebrite Android Support Matrix,” respectively. These documents were supposedly intended for one of Cellebrite’s clients and were not meant for public release.

According to the article, the cellphone forensics company, which sells its tools to federal, state, and local law enforcement agencies as well as to other companies and service providers, was unable to hack a significant number of modern iPhones available on the market as of April 2024.

Describing Cellebrite’s ability to access devices using various iterations of common mobile operating systems, one of the documents reportedly states that tools to hack phones based on iOS 17.4 or newer versions are “In Research,” which implies “they cannot necessarily be unlocked with Cellebrite’s tools,” 404 Media claims.

For iOS 17.1 to 17.3.1, the Israeli firm supposedly indicated in the document that it can access the iPhone XR and iPhone 11 series, released in 2018 and 2019, respectively.

The other leaked document reportedly focuses on Android-based devices, indicating that Cellebrite can hack most of them. However, according to 404 Media, Google Pixel 6, 7, or 8 smartphones in particular remain inaccessible when switched off.

The media outlet reported that Cellebrite had confirmed the authenticity of the documents in an emailed statement. 404 Media quoted the firm’s senior director for corporate communications and content, Victor Ryan Cooper, as saying: “The reason we do not openly advertise our updates is so that bad actors are not privy to information that could further their criminal activity.”