Amnesty International said on Friday that he determined that a Zero-day feat sold by a controversial operating supplier This was used to compromise the phone of a Serbian student who had criticized the government of this country.
The organization of human rights first called the Serbian authorities in December Because what he said was his “omnipresent and current use of spy software” in the context of a broader “control and repression of the civil society” campaign. This report indicates that the authorities deploy exploits sold by Celbite and NSO, a separate exploitation seller whose practices have also been strongly criticized in the last decade. In response to the December report, Celbite said that he had suspended sales to “concerned customers” in Serbia.
Surveillance campaign
Amnesty International said on Friday that he had discovered evidence of a new incident. This implies the sale of Ceebrite of an attack chain which could overcome the locking screen of fully corrected Android devices. The exploits were used against a Serbian student who had criticized Serbian officials. The chain has exploited a series of vulnerabilities in the peripheral pilots used by the Linux nucleus to support USB equipment.
“This new case provides additional evidence that the authorities in Serbia continued their civil society surveillance campaign in the aftermath of our report, despite generalized calls for reform, both in Serbia and beyond, as well as a survey on the excessive use of its product, announced by Celbrité,” said the authors of the report.
Amnesty International first discovered the evidence of the attack chain last year while investigating a separate incident outside of Serbia involving the same android locking link. The authors of the Friday report wrote:
