Home / Mobile / News / Researcher develops tool that wipes an Android phone if someone tries to crack it: Here's how it works

Researcher develops tool that wipes an Android phone if someone tries to crack it: Here's how it works

The app monitors the device for any sign of an attempt to “image” it, then immediately triggers an irreversible wipe of the device's storage. However, the researcher has not made it available for download, so that it is not misused. 

FILE PHOTO: A USB device is attached to Cellebrite UFED TOUCH, a device to extract data from a mobile device as demonstrated by Japanese electronics maker Sun Corp during a photo opportunity at the company's Tokyo office in Tokyo March 30, 2016. FILE PHOTO: A USB device is attached to Cellebrite UFED TOUCH, a device to extract data from a mobile device as demonstrated by Japanese electronics maker Sun Corp during a photo opportunity at the company's Tokyo office in Tokyo March 30, 2016.
FILE PHOTO: A USB device is attached to Cellebrite UFED TOUCH, a device to extract data from a mobile device as demonstrated by Japanese electronics maker Sun Corp during a photo opportunity at the company's Tokyo office in Tokyo March 30, 2016. (REUTERS)

As criminals get more tech-savvy in their attempts to evade law enforcement, countries around the world have begun relying on digital forensic technology for criminal investigations for evidence collection. These tools are provided by various security companies and are used on phones, computers and other devices belonging to suspects.

A security researcher has now developed LockUp, a tool to render these tools useless, by wiping an Android phone as soon as it detects a forensic tool, such as Cellebrite. Created by KoreLogic researcher Matt Bergin, the new application was first revealed at the recently concluded Black Hat Asia conference. The app describes itself as “an Android-based Cellebrite UFED self-defence application”.

Also read: Signal app creator alleges security flaws in Cellebrite equipment

More From This Section

With LockUp, users who have the app installed on their device will be able to protect their devices from being probed by Cellebrite’s UFED tool, which is used by law enforcement agencies around the world to seize and catalogue the contents of a suspects device. The app essentially monitors the device for any sign of an attempt to “image” it. Imaging is a technique of accessing the storage of a source device to create a copy for legal records.

If the app detects any foul play, it immediately responds with a factory rest on the device using the Device Admin control permission, similar to how some Android phones offer to factory reset your device after a certain number of incorrect attempts. The app itself is designed to work on devices running on Android 9 (Pie) and above, according to the project’s GitHub page. 

Read more: Researcher claims Mark Zuckerberg uses Signal, app tweets he is ‘leading by example’

Once the app detects the presence of any app that has code or behaviour associated with apps from the company, it immediately triggers an irreversible wipe of the device's storage. The arrival of the app is certainly bad news for Cellebrite, less than a month after the founder of Signal announced the discovery of multiple vulnerabilities in the forensics software after analysing the tool’s code.

However, if you were thinking of simply downloading the LockUp app yourself and installing it on your Android phone, it isn’t going to be that easy. Bergin says that he avoided adding all the bits of code needed to build the app. He said that he didn’t want to make it so accessible that it could be easily used to avoid criminal prosecution. Instead, my goal was to help support my research into forensic tools in showing how they aren't immune to software issues,” he said.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.