Tech by VICE

Israeli Phone Hackers Say They Can Rip Data From... Pokémon Go

It might actually provide some decent information for investigators in certain cases.

by Joseph Cox
Oct 21 2016, 12:00pm

Photo: Matthew Corley/Shutterstock

Cellebrite, a company that makes phone hacking and data extraction tools, is the go-to for law enforcement wanting to forensically examine mobile devices. But the Israeli firm recently announced a new feature that may split the contentious "going dark" debate wide open: it can rip data from Pokémon Go.

"Gain insights from the world's most popular game—Pokémon Go," reads a document related to Cellebrite version 5.2, published in August. "Cellebrite's latest release now provides support for the game that has gone viral—around the globe," it continues.

Forensic examination of Pokémon Go data is available for many popular phones on the market, including Samsung models, according to a spreadsheet detailing which brands and versions of phones Cellebrite is capable of unlocking and copying data from. The feature is not available, however, for iOS devices such as the iPhone 6 and iPhone 6+.

The document doesn't detail what information Cellebrite can extract, but researchers have previously found timestamped files corresponding to when a user played Pokémon Go and to certain in-game events, such as capturing Pokémon, as well as some geolocation information. At least on the Android version, the app also stores the user's account name in plain text.

Read more: 'Pokémon Go' Is Grabbing 'Full Access' to Some Players' Google Accounts

Although Pokémon Go data may sound pretty innocuous, it could actually be of at least some benefit to investigators in certain, albeit edge, cases.

"From a forensics standpoint, date and time stamps from these files can help us determine whether the game was being played when a particular incident happened," Cindy Murphy, the forensics researcher who previously dug into Pokémon Go, wrote in a blog post in July.

Bizarrely, some criminals have used Pokémon Go to lure unsuspecting victims into a robbery, for example. Other cases include assaults and driving offences; app creators Niantic pushed an update in August which warned people not to drive and play Pokémon Go at the same time. Indeed, an Australian man allegedly crashed his car into a school while trying to catch a creature. Having forensics data on when a suspect was playing Pokémon Go might actually be helpful in those sort of investigations.

It's not clear whether law enforcement will be able to use Cellebrite to steal your insanely large collection of Pidgins though, so you probably don't need to worry about that just yet.

Cellebrite did not respond to a request for comment in time for publication.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.

motherboard show