Technology

In 2021, Moxie Marlinspike, creator of the encrypted messaging app Signal, pointed to several vulnerabilities in Cellebrite's UFED and Physical Analyzer software that allowed for arbitrary code execution on Windows computers running the software. One exploit he detailed involved the UFED scanning a specially formatted file, which could then be used to execute arbitrary code on the computer running the UFED. Marlinspike wrote that the code could then "[modify] not just the Cellebrite report being created in that scan, but also "all previous and future generated Cellebrite reports" from all previously scanned devices and all future scanned devices in any arbitrary way."[27] Marlinspike also found that Cellebrite software was bundled with out-of-date FFmpeg DLL files from 2012, which lacked over 100 subsequent security updates. Windows Installer packages, extracted from the Windows installer for iTunes and signed by Apple, were also found, which he said raised legal concerns.[28] Cellebrite responded that the company "is committed to protecting the integrity of our customers' data, and we continually audit and update our software in order to equip our customers with the best digital intelligence solutions available."[29] The report by Signal followed an announcement by Cellebrite in 2020 that it had developed technology to crack encrypted messages in the Signal app, a claim the company later retracted and downplayed.[30][31] The announcement by Marlinspike raised questions about the integrity of data extracted by the software,[32][33] and prompted Cellebrite to patch some of the vulnerabilities found by Signal and to remove full support for analyzing iPhones.[34][35]

Source: https://en.wikipedia.org/wiki/Cellebrite

Sounds like it is just malware to me.