Serbian police and intelligence agencies are using advanced mobile forensics products and previously unknown spyware to illegally surveil journalists, environmental and civil rights activists, according to a report cited by The Guardian, UNN reports.
Details
The report reportedly shows how mobile forensic products from Israeli firm Cellebrite are used to unlock and extract data from the mobile devices of individuals who are infected with the new NoviSpy Android spyware.
Serbian authorities are using " surveillance technologies and digital repression tactics as tools for broader state control and repression against civil society," according to Amnesty International's Dinushiki Disanayake, the report's author.
Disanayake, Amnesty's Deputy Regional Director for Europe, said the report showed how Cellebrite products used by police and intelligence agencies around the world could pose a "huge risk" to human rights activists "when used outside of strict legal controls.
Cellebrite's tools for law enforcement and government agencies can extract data from many devices, including the latest Android and iPhone mobile phones, and can unlock them without access to the device's password.
NoviSpy, while less technically advanced than highly invasive spyware such as Pegasus, still allows Serbian authorities to reportedly capture sensitive personal data from a target phone and allows them to remotely turn on the phone's microphone or camera.
The report documents how Serbian authorities used Cellebrite products to infect the mobile phones of journalists and activists with NoviSpy spyware, including on at least two occasions during police interrogations.
Amnesty "attributes the NoviSpy spyware with a high degree of confidence to the BIA [Serbian security information agency]," said Donncha O. Sirbhale, head of Amnesty's security lab.
Amnesty said it notified Android and Google about NoviSpy before the report was published, and the spyware was removed from affected Android devices. Google has also sent warnings of "government-backed attacks" to possible targets, it said.
Cellebrite said in a statement after the report was published that it was investigating the claims and was prepared to take action, including terminating its relationship with the relevant agencies.