Researcher develops tool that wipes an Android phone if someone tries to crack it: Here's how it works
The app monitors the device for any sign of an attempt to “image” it, then immediately triggers an irreversible wipe of the device's storage. However, the researcher has not made it available for download, so that it is not misused.
As criminals get more tech-savvy in their attempts to evade law enforcement, countries around the world have begun relying on digital forensic technology for criminal investigations for evidence collection. These tools are provided by various security companies and are used on phones, computers and other devices belonging to suspects.
A security researcher has now developed LockUp, a tool to render these tools useless, by wiping an Android phone as soon as it detects a forensic tool, such as Cellebrite. Created by KoreLogic researcher Matt Bergin, the new application was first revealed at the recently concluded Black Hat Asia conference. The app describes itself as “an Android-based Cellebrite UFED self-defence application”.
With LockUp, users who have the app installed on their device will be able to protect their devices from being probed by Cellebrite’s UFED tool, which is used by law enforcement agencies around the world to seize and catalogue the contents of a suspects device. The app essentially monitors the device for any sign of an attempt to “image” it. Imaging is a technique of accessing the storage of a source device to create a copy for legal records.
If the app detects any foul play, it immediately responds with a factory rest on the device using the Device Admin control permission, similar to how some Android phones offer to factory reset your device after a certain number of incorrect attempts. The app itself is designed to work on devices running on Android 9 (Pie) and above, according to the project’s GitHub page.
Once the app detects the presence of any app that has code or behaviour associated with apps from the company, it immediately triggers an irreversible wipe of the device's storage. The arrival of the app is certainly bad news for Cellebrite, less than a month after the founder of Signal announced the discovery of multiple vulnerabilities in the forensics software after analysing the tool’s code.
However, if you were thinking of simply downloading the LockUp app yourself and installing it on your Android phone, it isn’t going to be that easy. Bergin says that he avoided adding all the bits of code needed to build the app. He said that he didn’t want to make it so accessible that it could be easily used to avoid criminal prosecution. Instead, my goal was to help support my research into forensic tools in showing how they aren't immune to software issues,” he said.