This year, a Serbian journalist and an activist had their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite. The authorities’ goal was not only to unlock the phones to access their personal data, as Cellebrite allows, but also to install spyware to enable further surveillance, according to a new report by Amnesty International.
Amnesty said in its report that it believes these are “the first forensically documented spyware infections enabled by the use” of Cellebrite tools.
This crude but effective technique is one of the many ways that governments use spyware to surveil their citizens. In the last decade, organizations like Amnesty and digital rights group Citizen Lab have documented dozens of cases where governments used advanced spyware made by Western surveillance tech vendors, such as NSO Group, Intellexa, and the now-defunct spyware pioneer Hacking Team, among others, to remotely hack dissidents, journalists, and political opponents.
Now, as zero-days and remotely planted spyware become more expensive thanks to security improvements, authorities may have to rely more on less sophisticated methods, such as getting their hands physically on the phones they want to hack.
While many cases of spyware abuse happened across the world, there is no guarantee they couldn’t — or don’t — happen in the United States. In November, Forbes reported that the Department of Homeland Security’s Immigration and Customs Enforcement (ICE) spent $20 million to acquire phone hacking and surveillance tools, among them Cellebrite. Given President-elect Donald Trump’s promised mass deportation campaign, as Forbes reported, experts are worried that ICE will increase its spying activities when the new administration takes control of the White House.
A brief history of early spyware
History tends to repeat itself. Even when something new (or undocumented) first appears, it’s possible that it is actually an iteration of something that’s already happened.
Twenty years ago, when government spyware already existed but little was known within the antivirus industry tasked with defending against it, physically planting spyware on a target’s computer is how the cops could access their communications. Authorities had to have physical access to a target’s device — sometimes by breaking into their home or office — then manually install the spyware.
That’s why, for example, early versions of Hacking Team’s spyware from the mid-2000s were designed to launch from a USB key or a CD. Even earlier, in 2001, the FBI broke into the office of mobster Nicodemo Scarfo to plant spyware designed to monitor what Scarfo typed on his keyboard, with the goal of stealing the key he used to encrypt his emails.
These techniques are returning to popularity, if not out of necessity.
Citizen Lab documented a case earlier in 2024 in which the Russian intelligence agency FSB allegedly installed spyware on the phone of Russian citizen Kirill Parubets, an opposition political activist who had been living in Ukraine since 2022, while he was in custody. The Russian authorities had forced Parubets to give up his phone’s passcode before planting spyware capable of accessing his private data.
Stop and search
In the recent cases in Serbia, Amnesty found novel spyware on the phones of journalist Slaviša Milanov and youth activist Nikola Ristić.
In February 2024, local police stopped Milanov for what looked like a routine traffic check. He was later brought into a police station, where agents took away his Android phone, a Xiaomi Redmi Note 10S, while he was being questioned, according to Amnesty.
When Milanov got it back, he said he found something strange.
“I noticed that my mobile data (data transmission) and Wi-Fi are turned off. The mobile data application in my mobile phone is always turned on. This was the first suspicion that someone entered my mobile phone,” Milanov told TechCrunch in a recent interview.
Milanov said he then used StayFree, a software that tracks how much time someone uses their apps, and noticed that “a lot of applications were active” while the phone was supposedly turned off and in the hands of the police, who he said had never asked or forced him to give up his phone’s passcode.
“It showed that during the period from 11:54 a.m. to 1:08 p.m. the Settings and Security applications were mainly activated, and File manager as well as Google Play Store, Recorder, Gallery, Contact, which coincides with the time when the phone was not with me,” said Milanov.
“During that time they extracted 1.6 GB data from my mobile phone,” he said.
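The check Milanov describes, comparing an app-usage timeline against the window when the phone was out of his hands, can be automated. This is an added example, not code from the article or from StayFree: the usage records are constructed sample data, and the tuple format and the custody window (11:54 a.m. to 1:08 p.m.) are assumptions for illustration.

```python
"""Flag app activity that overlaps a window when the phone was not with its owner.
Constructed data; the (app, start, end) tuple format is an assumption, not StayFree's export."""
from datetime import datetime, date, time, timedelta

# Constructed sample timeline for the day of the stop (HH:MM, local time).
SAMPLE_EVENTS = [
    ("Messages",          "09:10", "09:25"),  # owner's own use, before the stop
    ("Browser",           "11:40", "11:58"),  # straddles the start of custody
    ("Settings",          "11:56", "12:20"),
    ("Security",          "12:05", "12:30"),
    ("File manager",      "12:21", "12:34"),
    ("Google Play Store", "12:35", "12:50"),
    ("Recorder",          "12:52", "13:00"),
    ("Gallery",           "13:00", "13:15"),  # straddles the end of custody
    ("Contacts",          "13:02", "13:05"),
    ("Maps",              "14:00", "14:10"),  # after the phone was returned
]

def _at(hhmm, day=date(2024, 2, 1)):
    """Turn an HH:MM string into a datetime on the (assumed) day of the stop."""
    return datetime.combine(day, time.fromisoformat(hhmm))

def activity_in_window(events, start="11:54", end="13:08"):
    """Return {app: minutes active inside [start, end]} for every app that
    overlaps the custody window, clipping events that straddle either edge."""
    w_start, w_end = _at(start), _at(end)
    minutes = {}
    for app, s, e in events:
        overlap = min(_at(e), w_end) - max(_at(s), w_start)
        if overlap > timedelta(0):
            minutes[app] = minutes.get(app, 0) + int(overlap.total_seconds() // 60)
    return minutes

def report(events, start="11:54", end="13:08"):
    """Apps active during the window, most active first, for a forensic timeline."""
    found = activity_in_window(events, start, end)
    return sorted(found.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    for app, mins in report(SAMPLE_EVENTS):
        print(f"{app:<18} {mins:>3} min during custody window")
```

Any app listed that the owner did not open themselves is a lead for a full forensic examination, not proof of infection on its own.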
At that point Milanov was “unpleasantly surprised and very angry,” and had a “bad feeling” about his privacy being compromised. He contacted Amnesty to get his phone forensically checked.
Donncha Ó Cearbhaill, the head of Amnesty’s Security Lab, analyzed Milanov’s phone and indeed found that it had been unlocked using Cellebrite and had Android spyware installed on it, which Amnesty calls NoviSpy, from the Serbian word for “new.”
Spyware likely “widely” used on civil society
Amnesty’s analysis of the NoviSpy spyware and a series of operational security, or OPSEC, mistakes point to Serbian intelligence as the spyware’s developer.
According to Amnesty’s report, the spyware was used to “systematically and covertly infect mobile devices during arrest, detention, or in some cases, informational interviews with civil society members. In multiple cases, the arrests or detentions appear to have been orchestrated to enable covert access to an individual’s device to enable data extraction or device infection.”
Amnesty believes NoviSpy was likely developed in the country, judging from the fact that there are Serbian language comments and strings in the code, and that it was programmed to communicate with servers in Serbia.
A mistake by the Serbian authorities allowed Amnesty researchers to link NoviSpy to the Serbian Security Information Agency, known as Bezbednosno-informaciona Agencija, or BIA, and one of its servers.
During their analysis Amnesty’s researchers found that NoviSpy was designed to communicate with a specific IP address: 195.178.51.251.
In 2015, that exact same IP address was linked to an agent in the Serbian BIA. At the time, Citizen Lab found that this specific IP address identified itself as “DPRODAN-PC” on Shodan, a search engine that lists servers and computers exposed to the internet. As it turns out, a person with an email address containing “dprodan” had been in touch with the spyware maker Hacking Team about a demo in February 2012. According to leaked emails from Hacking Team, company employees gave a demo in the Serbian capital Belgrade around that date, which led Citizen Lab to conclude that “dprodan” is also a Serbian BIA employee.
The same IP address range identified by Citizen Lab in 2015 (195.178.51.xxx) is still associated with the BIA, according to Amnesty, which said it found that the public website of the BIA was recently hosted within that IP range.
Amnesty said it performed forensic analysis of the devices of two dozen members of Serbian civil society, most of them Android users, and found other people infected with NoviSpy. Some clues inside the spyware code suggest that the BIA and the Serbian police have been using it widely, according to Amnesty.
The BIA and the Serbian Ministry of Internal Affairs, which oversees the Serbian police, did not respond to TechCrunch’s request for comment.
NoviSpy’s code contains what Amnesty researchers believe could be an incrementing user ID, which in the case of one victim was 621. In the case of another victim, infected around a month later, that number was higher than 640, suggesting the authorities had infected more than 20 people in that time span. Amnesty’s researchers said they found a 2018-dated version of NoviSpy on VirusTotal, an online malware scanning repository, suggesting the malware had been developed for several years.
As part of its research into spyware used in Serbia, Amnesty also identified a zero-day exploit in Qualcomm chipsets used against the device of a Serbian activist, likely with the use of Cellebrite. Qualcomm announced in October that it had fixed the vulnerability following Amnesty’s discovery.
When reached for comment, Cellebrite’s spokesperson Victor Cooper said that the company’s tools cannot be used to install malware; a “third-party would have to do that.”
Cellebrite’s spokesperson declined to provide details about its customers, but added that the company would “investigate further.” The company said if Serbia broke its end-user agreement, the company would “reassess if they are one of the 100 countries we do business with.”