FBI Paid Less Than $1M for San Bernardino iPhone Exploit

The Apple Vs. FBI case is still ongoing, even though the FBI has found a way to break into an iPhone tied to last year’s San Bernardino terror attack. The iPhone maker has declined to participate in breaking into the phone, which forced the FBI to look for other sources of help.

Cities sources familiar with government matters, Reuters reports the one-time payment came in exchange for a zero-day vulnerability. Allegedly, the FBI paid less than $1 million for this operation. Interestingly enough, previous estimates put the purchase at more than $1.3 million based on a quote from FBI Director James Comey. He said that the agency paid an outside group “more than I will make in the remainder of this job”.

Apple R&D Featured

The government agency hasn’t identified the contracts, but media reports pointed to an established security firm called Cellebrite, even though this could be a job for gray-hat hackers. According to Reuters, even Comey is unaware of who his agency hired for the job.

The FBI has made a statement that it will not submit the vulnerability for review under the Vulnerabilities Equities Process, which allows vulnerabilities to be disclosed to private manufacturers. Furthermore, Apple has no intention of filing a suit against the government to force the hack’s disclosure.

For the full story on the San Bernardino case, head over to our recently published featured story.