FBI unlocked the phone of the suspect in the assassination attempt on Donald Trump

The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump.

The independent website 404 Media first reported that the FBI had successfully accessed the password-protected phone of Thomas Matthew Crooks, the deceased suspect in the assassination attempt on Donald Trump.

“FBI technical specialists successfully gained access to Thomas Matthew Crooks’ phone, and they continue to analyze his electronic devices,” reads a statement issued by the FBI press office.

It is unclear how the feds unlocked the phone, however, this case demonstrates the progresses of law enforcement in bypassing security measures implemented to protect mobile devices.

“Some specifics such as how exactly the FBI bypassed the phone’s protections remain unclear, but the news signals that the reality of sourcing evidence from password-locked devices in high-profile cases is greatly different to what it was nearly ten years ago, when the U.S. Department of Justice tried to force Apple to undermine the iPhone’s security mechanisms to access data on the phone belonging to the San Bernardino shooter.” states 404 Media.

Immediately after the assassination attempt, the FBI officials in Pennsylvania failed in attempting to access Crooks’ device. Then the authorities shipped the phone to Quantico, Virginia, where the FBI experts analyzed the device.

In March 2023, the DOJ released a brief filing that threatened to force Apple to hand over the iOS source code if it would not help the FBI in unlocking the San Bernardino shooter’s iPhone.

Apple CEO Tim Cook declared that the company will refuse to help the FBI to protect its users. The idea of introducing a backdoor into its system is not feasible because opens the users to many other threat actors.

Later, the FBI dropped the case after the government contractor Azimuth Security successfully unlocked the device.

Since then, multiple forensics firms have developed tools to unlock iPhones for data extraction, including:

  1. GrayKey – A hardware device developed by GrayShift that can bypass iPhone passcodes and extract data. Several media reported that law enforcement agencies used it.
  2. UFED – A forensic tool created by Cellebrite that can unlock iPhones and extract data. It is used by law enforcement and intelligence agencies.
  3. Elcomsoft iOS Forensic Toolkit – A software tool that can extract data from locked iOS devices.
  4. MSAB XRY – A forensic suite that allows to unlock and extract data from iOS devices.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, Donald Trump)