House Democrats Used Cellebrite to Publish Lev Parnas iPhone Messages

The released documents include an Apple iPhone “Extraction Report” generated by a Cellebrite product.
January 15, 2020, 4:01pm
Lev Parnas
Image: Stephanie Keith/Getty Images

On Tuesday, the House Intelligence Committee released additional documents that will be sent to the Senate along with the Articles of Impeachment of Donald Trump. They include notes and text messages from Lev Parnas, an indicted associate of Trump's personal lawyer Rudy Giuliani. The records were turned over in response to a subpoena served on Parnas in October, and the text messages stored on Parnas' iPhone appear to have been turned into a report using a product from phone forensics firm Cellebrite.

The documents highlight the sort of information that investigators can obtain from phone forensic products, and how that information can be presented. Cellebrite is an Israeli firm famous for the mobile phone cracking and extraction tools it makes that are used by law enforcement around the world. Phone stores also use its machines.

The released files show how Parnas tried to set up a meeting between Giuliani and Ukrainian President Volodymr Zelensky.

"Extraction Report Apple iPhone," the top of one section reads. The report then lists the participants, and indicates what service was being used to communicate. In this case, WhatsApp.

Do you work at Cellebrite? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

The Cellebrite software organizes the extracted text messages into a format that looks similar to how they appear ordinarily on the phone, with speech bubbles on the left and right. It also includes more information that is not usually available in a chat conversation, such as the file path of an attachment.

Cellebrite is capable of extracting a wealth of information from smartphones, including calendar entries, call logs, contacts, text messages, notes, files, and more. This can also include deleted information. Cellebrite is sometimes used to generate a report that presents information in a more digestible format rather than unlocking a device.

A section of one of the Extraction Reports included in the document release. Image: Screenshot

Cellebrite is highly popular among U.S. law enforcement. Motherboard previously found how U.S. state police have spent millions of dollars on Cellebrite products. Cellebrite offers tools and services that can help authorities unlock modern iPhones. Federal and local agencies have also purchased iPhone unlocking tech from Cellebrite competitor Grayshift.

This week Cellebrite announced the acquisition of BlackBag Technologies, a company focused on computer forensics, with Cellebrite now calling itself a "one-stop-shop" for digital investigations.

Subscribe to our cybersecurity podcast, CYBER.

Advertisement