Serbian officials installed spyware on the phones of dozens of journalists and activists, according to an Amnesty International report, citing digital data and testimonies from activists who said their phone conversations had been intercepted in recent months.
According to the report, police and intelligence services in Serbia use advanced surveillance systems and previously unknown spyware. The report shows how advanced products from the Israeli company Cellebrite are used to unlock and extract data from mobile phones that are attacked with a new Android spyware system, NoviSpy.
Serbian authorities are using “surveillance technology and digital repression tactics as instruments of wider state control and repression targeting civil society,” according to Amnesty International’s Dinushika Dissanayake, who wrote the report.
Dissanayake, Amnesty’s deputy regional director for Europe, said the report shows how Cellebrite’s products, used by police and intelligence agencies worldwide, can pose a “huge risk” to rights activists “when used outside of strict legal control”.
Cellebrite’s tools in question allow data to be extracted from a range of devices, including Android phones and iPhones, as they can be unlocked without the password. NoviSpy, although technically less advanced than the infamous Pegasus spyware, allows gathering sensitive personal data from the target mobile as well as activating a phone’s microphone or camera remotely.
The report documents how Serbian authorities used Cellebrite products to enable the NoviSpy software to infect the mobile phones of journalists and activists, including – on at least two occasions – during police interrogations.
A Serbian investigative journalist, Slaviša Milanov, was briefly detained by the police in February this year under the guise of a drink-driving check. His Android phone was turned off when he handed it in and he was never asked for the passcode.
After his release, Slaviša noticed that his phone, which had been left at the reception of the police station, appeared to have been tampered with and its data was disabled. Analysis by Amnesty’s lab showed that a Cellebrite product had unlocked it and installed NoviSpy.
Amnesty “attributes NoviSpy spyware to [υπηρεσία πληροφοριών ασφαλείας της Σερβίας] BIA with great certainty,” said Ó Cearbhaill. Other activists, including a member of Krokodil, which promotes Western Balkan reconciliation, were similarly targeted.
Amnesty said it had informed Android and Google about NoviSpy before the report was published, and the spyware had been removed from affected Android devices. Google had also sent alerts of “government attacks” to potential targets, it said.
Activists targeted by the Pegasus spyware in Serbia said they were shocked. “It’s an incredibly effective way to completely discourage communication between people,” said one of them, who asked to remain anonymous. “Anything you say can be used against you, which is paralyzing both personally and professionally.”
Another said the result is “either you choose self-censorship or you speak independently – so you have to be prepared to face the consequences.” Serbian authorities did not respond to requests for comment.
NSO Group, which developed Pegasus, did not confirm that Serbia was a client, but said it “takes seriously its responsibility to respect human rights and is strongly committed to refraining from provoking, contributing to or being directly associated with negative impact on human rights”. It said it looked into all credible allegations of misuse of the group’s products.
Cellebrite said in a statement after the report was published that the “ethical, judicial and legal use” of its technology was “paramount to our mission to speed justice and save lives around the world,” adding that the software does not install malware or perform real-time tracking, spyware or other aggressive cyber activity.
The company said it takes seriously all allegations of potential misuse of its technology “in ways that would be contrary to … the terms described in our license agreement” and “appreciates Amnesty’s pointing out the alleged misuse”.
She said she was investigating the allegations and was prepared to take action, including ending her relationship with the agencies involved. Cellebrite complies with all relevant sanctions and export controls, and as of 2020 has voluntarily stopped selling to customers in more than 60 countries, including some listed in the report, it notes.
During the investigative process, the Israeli company told Amnesty that its products are “strictly licensed for legal use, requiring a warrant or consent to assist law enforcement agencies in legally authorized investigations following the commission of a crime.”
Amnesty said that while this may be the intended use of the products, its investigation clearly showed that they could be misused “to enable the development of spyware and the widespread collection of data from mobile phones outside of justified criminal investigations”.
Read also
Thracomakedones: The return from Dubai and the “heavy” biography of the victim – The scenarios considered
The investors in the Zakynthos Shipwreck are jihadist financiers
Syria – Fake news: An intelligence officer in the Syrian air force is the man who “liberated” CNN – His violent past
Canada’s Comer and the jihadists: How the investigation revealed evidence leading to an international scandal
Adonis got his helmet (Video)
#Serbia #Illegal #monitoring #activists #journalists #Israeli #companys #spyware
