This Is the ‘GrayKey 2.0,’ the Tool Cops Use to Hack Phones

Grayshift filed a series of documents with the FCC that reveal the looks of the new cellphone unlocking device.
A GrayKey phone-unlocking device.
Image: FCC
Screen Shot 2021-02-24 at 3
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.

For years, a company that sells a box that helps cops unlock iPhones and Android phones has kept its technology secret, aggressively shielding details of how its software and hardware work, and even what it looks like, from the public.

But thanks to the fact that the company, which is called Grayshift, has to file documents with the FCC, we now can see the company’s new GrayKey device. 

Advertisement

The documents were first spotted by Logan Koepke, the project director at Upturn, a nonprofit that does research and advocacy at the intersection of civil rights and technology. Koepke posted a link to the FCC filing on Twitter on Thursday.

Do you work at Grayshift? Or are you one of its customers? We'd love to hear from you. Using a non-work phone or computer, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email lorenzofb@vice.com

The documents include several pictures as well as a description of the process the company undertakes before every sale. 

“GrayKey is a specialized product that is only available for use by verified law enforcement or government agencies; and it is not made available for use by the general public. For every account request from a potential customer, Grayshift undertakes a rigorous, risk-averse validation process to confirm that each originated from a valid law enforcement agency located in a supported country,” Grayshift’s chief financial officer, Mark Snell, wrote in one of the documents submitted to the FCC.

Advertisement
Screen Shot 2022-09-30 at 9.50.53 AM.png

A photo of the back of the GrayKey 2.0 device.

In 2014, Apple turned on encryption for virtually all data stored inside the iPhone, making it very hard to get unless whoever is trying to access it knows the PIN or passcode that’s used to unlock the phone. Since then, forensics companies such as Grayshift and Cellebrite have had to up their game and come up with new technologies and solutions to help law enforcement agents unlock iPhones and access data that could be useful for an investigation. 

In essence, while it’s unclear exactly how it achieves it, GrayKey bruteforces the iPhone or Android phone’s passcode and unlocks it—essentially hacking the phone—allowing customers to access and extract data from the phones. 

Pictures of the first version of GrayKey leaked to the public in 2020, also thanks to documents filed with the FCC.

Motherboard has previously reported that the State Department, the Drug Enforcement Administration, local police, and even a police charity have either purchased Grayshift’s technology or have shown interest in doing so.  

Grayshift did not immediately respond to a request for comment.  

Sign up for Motherboard’s daily newsletter for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories.