Serbian student’s Android phone compromised by exploit from Cellebrite
1 min read
Summary
Amnesty International has claimed that a zero-day exploit sold by phone data extraction firm Cellebrite was used to target the phone of a Serbian student.
The student was critical of the Serbian government.
The human rights organisation has accused Serbian authorities of a widespread campaign of “state control and repression” against civil society, including the use of Cellebrite and NSO exploits.
Cellebrite, which counts the US FBI and police among its clients, said it had suspended sales to relevant customers in Serbia following the December report.
The exploit used a series of vulnerabilities in Linux kernel drivers to bypass the lock screen on Android devices.
This is the second time in a year that Amnesty has uncovered evidence of the exploit being used, suggesting that Serbian authorities have continued their surveillance efforts despite calls for reform.
