Skip to main content

Health data being used as evidence in murder investigation after possible iPhone 6s crack

Health app data from an iPhone is being used as evidence in a rape and murder investigation in Germany, Motherboard reports. Details in the story also point to what may be the first known iPhone 6s lock screen bypass…

Details of the story are both gruesome and tragic. Hussein K. allegedly raped and murdered a 19-year-old woman then dumped her body in a river. He’s been on trial since September, and now the iPhone may be a key component in piecing the story together.

Authorities reportedly were able to crack his iPhone and access Health data that may point to his whereabouts when the crime occurred. Health app data on the iPhone includes the number of flights climbed which investigators are using to connect him to the murder.

The app recorded a portion of his activity as “climbing stairs,” which authorities were able to correlate with the time he would have dragged his victim down the river embankment, and then climbed back up. Freiburg police sent an investigator to the scene to replicate his movements, and sure enough, his Health app activity correlated with what was recorded on the defendant’s phone.

iPhones have included step tracking features since the iPhone 5s in 2013, and elevation tracking features were added a year later with the iPhone 6, which included a barometer. The report explains that this information was collected by bypassing the lock screen on the iPhone.

He refused to give authorities the passcode to his iPhone, but investigators hired a Munich company (which one is not publicly known) to gain access his device, according to German news outlet Welt.

While using Health data captured by the iPhone is a notable legal development, this also appears to be the first known case of what must be an iPhone 6 or later (local media describes an iPhone 6s) being cracked.

Older iPhones have been cracked in similar investigations, but not iPhones with Apple’s Secure Enclave which was introduced with the iPhone 5s.

It’s possible the iPhone ran an older software version with known exploits that have been patched with recent iOS updates, although the specific hardware and software in question has not been disclosed.

If the iPhone said to have been cracked by the German firm was actually running the latest software at the top, then this case points to iPhones with Secure Enclaves being susceptible to encryption cracking as well.


Subscribe to 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications