Digital Forensics Firm Cellebrite to Acquire Corellium - Dark Reading

Mobile SecurityData PrivacyApplication SecurityIoTNewsDigital Forensics Firm Cellebrite to Acquire CorelliumCellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.Alexander Culafi,Senior News Writer,Dark ReadingJune 5, 20252 Min ReadSource: photobyphm via Alamy Stock PhotoIsrael-based Cellebrite offered $170 million in cash today for Tyson's Corner, Va.-based Corellium, with $20 million converted to equity upon closing, which is expected this summer. Cellebrite is a digital forensics firm, while Corellium specializes in virtualization technology.Based on performance milestones achieved over the next two years, Corellium shareholders will receive up to an additional $30 million in cash. The deal must be approved by the US Treasury Department's Committee on Foreign Investment, along with "other customary closing conditions."The DealAccording to Cellebrite's press release, the acquisition will "set a new standard for digital investigations and the security of smart devices including iOS, Android, automotive systems, and any Arm-based IoT device."In the public sector, Cellebrite will use Corellium's offerings to enhance its digital forensics capabilities, "while Corellium's solution for mobile vulnerability research is expected to increase Cellebrite's offerings for customers in the defense and intelligence sector." The deal is expected to boost Cellebrite's market opportunities with the addition of Corellium's virtualization products.Related:Will AI Save Consumers From Smartphone-Based Phishing Attacks?"Corellium's virtualization platform is expected to extend Cellebrite's reach beyond eDiscovery and corporate investigation use cases through powerful virtualization solutions that enable development and security professionals to design the next generation of high-performance, secure mobile applications, IoT devices and automotive systems," the press release read.A Controversial CombinationAlthough Cellebrite offers a wide range of services, such as incident response, it is perhaps best known for its mobile extraction dongle, used to pull data out of mobile devices during criminal investigations. The company has been extensively criticized for its Universal Forensic Extraction Device (UFED) products being offered to countries accused of human rights abuses. Amnesty International reported earlier this year that Serbian police used Cellebrite's product in tandem with an exploit chain to target dissidents' and protesters' mobile devices.Although Cellebrite insists its products are not to be used for surveillance and that it stopped offering its products to offending customers, groups such as Privacy International and Access Now have cited repeated alleged human rights issues involving Cellebrite. In a Feb. 25 statement on its website, Cellebrite published the following:"Cellebrite took precise steps to investigate each claim in accordance with our ethics and integrity policies," Cellebrite said. "We found it appropriate to stop the use of our products by the relevant customers at this time."Related:Supply Chain Attack Embeds Malware in Android DevicesDespite the controversy, Cellebrite does not sell commercial spyware like NSO Group.Corellium, a company that offers virtualization and pentesting products, has faced issues of its own. Apple sued the company in 2019 for copyright infringement, as Corellium was selling access to Apple's iOS in a computer browser without requiring ownership of a physical device. Apple argued that Corellium sold its products indiscriminately and that Corellium products put iOS security at risk. The judge threw out one claim, while another was settled.Dark Reading contacted Amnesty International and the Electronic Frontier Foundation for additional comment.About the AuthorAlexander CulafiSenior News Writer, Dark ReadingAlex is an award-winning writer, journalist, and podcast host based in Boston. After cutting his teeth writing for independent gaming publications as a teenager, he graduated from Emerson College in 2016 with a Bachelor of Science in journalism. He has previously been published on VentureFizz, Search Security, Nintendo World Report, and elsewhere. In his spare time, Alex hosts the weekly Nintendo podcast Talk Nintendo Podcast and works on personal writing projects, including two previously self-published science fiction novels.See more from Alexander CulafiWant more Dark Reading stories in your Google search results?Add Us NowMore InsightsIndustry ReportsFrost Radar™: Non-human Identity Solutions2026 CISO AI Risk ReportCybersecurity Forecast 2026The ROI of AI in SecurityThreatLabz 2025 Ransomware ReportAccess More ResearchWebinarsBuilding a Robust SOC in a Post-AI WorldRetail Security: Protecting Customer Data and Payment SystemsRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedSecuring Remote and Hybrid Work Forecast: Beyond the VPNAI-Powered Threat Detection: Beyond Traditional Security ModelsMore WebinarsEditor's ChoiceCybersecurity OperationsWhy Stryker's Outage Is a Disaster Recovery Wake-Up CallWhy Stryker's Outage Is a Disaster Recovery Wake-Up CallbyJai VijayanMar 12, 20265 Min ReadWant more Dark Reading stories in your Google search results?2026 Security Trends & OutlooksThreat IntelligenceCybersecurity Predictions for 2026: Navigating the Future of Digital ThreatsJan 2, 2026Cyber RiskNavigating Privacy and Cybersecurity Laws in 2026 Will Prove DifficultJan 12, 2026|7 Min ReadEndpoint SecurityCISOs Face a Tighter Insurance Market in 2026Jan 5, 2026|7 Min ReadThreat Intelligence2026: The Year Agentic AI Becomes the Attack-Surface Poster ChildJan 30, 2026|8 Min ReadDownload the CollectionKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsBuilding a Robust SOC in a Post-AI WorldThurs, March 19, 2026 at 1pm ESTRetail Security: Protecting Customer Data and Payment SystemsThurs, April 2, 2026 at 1pm ESTRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedWed, April 1, 2026 at 1pm ESTSecuring Remote and Hybrid Work Forecast: Beyond the VPNTues, March 10, 2026 at 1pm ESTAI-Powered Threat Detection: Beyond Traditional Security ModelsWed, March 25, 2026 at 1pm ESTMore WebinarsWhite PapersAutonomous Pentesting at Machine Speed, Without False PositivesFixing Organizations' Identity Security PostureBest practices for incident response planningIndustry Report: AI, SOC, and Modernizing Cybersecurity5 Steps to Stop Ransomware With Zero TrustExplore More White PapersGISEC GLOBAL 2026GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills.📌 Book Your Space