Amnesty International said Google had set unknown faults before in Android which allowed the authorities to unlock phones using forensic tools.
Friday, Amnesty International has published a report Retailing a chain of three zero day vulnerabilities developed by the Celibrite telephone blocking company, which its researchers found after investigating the piracy of a demonstrator in Serbia. The faults have been found in the USB Linux Core kernel, which means that “vulnerability is not limited to a particular device or supplier and may have an impact on a billion Android devices”, according to the report.
Zero days are bugs in products which, when found, are unknown to software or hardware manufacturers. Zero days allow criminal and government hackers to enter systems in a more effective way because there is not yet a corrective that corrects them.
In this case, Amnesty said that he had first found traces of one of the faults in a case in mid-2024. Then, last year, after investigating the hacking of a student activist in Serbia, the organization shared its results with the Google anti-hacking threat analysis group, which led the researchers to identify and fix the three distinct defects.
During the militant’s telephone investigation, Amnesty’s researchers found the USB feat, which allowed the Serbian authorities, with the use of Celibrite tools, to unlock the militant’s phone.
When he was contacted to comment, Celibrite’s spokesperson Victor Cooper referred to a declaration that the company published earlier this week.
In December, Amnesty pointed out that he had found two cases where the Serbian authorities had used medical-legal tools Celibrite to unlock the phones of an activist and a journalist, and then installed Android spy software known as Novispy. Earlier this week, Cel Brite announced that she had prevented her Serbian client from using her technology following allegations of abuse discovered by Amnesty.
“After an examination of the allegations brought by the Amnesty International report of December 2024, Celbite took precise measures to investigate each complaint in accordance with our ethics and integrity policies. We have deemed appropriate to stop the use of our products by the customers concerned at the moment, ”wrote Celled in his declaration.
Contact us
Do you have more information on government spy software and its manufacturers? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai safely on the signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or e-mail. You can also contact Techcrunch via Securedrop.
In the new report, Amnesty said she was contacted in January to analyze the aircraft of a young activist arrested by the Serbian Agency for Security Information (Bezbedonosno-Informativna Agencija or bia) at the end of last year.
“The circumstances of his arrest and the behavior of BIA officers strongly equaled the Modus Operandi which was used against the demonstrators and which we documented in our report in December. A medico-legal survey on the device conducted in January confirmed the use of Ceebrite on the phone of the student activist, “wrote Amnesty.
As in the other cases, the authorities used an apparatus Celled to unlock the activist’s Samsung A32 phone “without his knowledge or consent, and apart from a legally sanctioned investigation”, according to Amnesty.
“The apparently routine use of Cellebite’s software against people for exercising their rights to freedom of expression and the peaceful assembly can never be a legitimate objective,” wrote Amnesty, “and is therefore in violation of human rights law.”
Bill Marczak, principal researcher at Citizen Lab, an organization of digital rights which investigates spy software, Written on x That activists, journalists and members of civil society “who could have their phone seized by the authorities (protest, border, etc.) should consider going to the iPhone”, because of these vulnerabilities.
Referring to Celbite’s tools, Donchant ó Cearbhaill, the chief of the Amnesty security laboratory, told Techcrunch that “the availability of such large -scale tools leaves me fear that we are only scratching the surface of the damage of these products.”
Google did not immediately respond to a request for comments.
