Leading Serbian law enforcement agencies used Cellebrite software to hack into citizens’ phones and install spyware, Amnesty International has reported. The main objects of surveillance were journalists and activists. Amnesty International published a report that Serbian authorities used Cellebrite technology to access citizens’ mobile phones without their knowledge. After the phones were hacked, new spy software called NoviSpy, developed in Serbia, was installed on them.
This tool not only allows access to user data, but also activates the microphone and camera for surveillance. The report details four cases of phone infections, two of which were carried out through Cellebrite. After being detained by the police, the phone was hacked and infected with this software.
The experts found that NoviSpy was connected to a server located in Serbia, and one of the samples of the program was linked to an IP address belonging to an employee of the Serbian intelligence services. Amnesty also discovered the use of Qualcomm’s vulnerability on Android devices, which was later patched in October 2024.
Cellebrite is a well-known Israeli company that provides law enforcement with tools to hack mobile devices. Its technology is often used for criminal investigations, but abuse cases like this raise questions about human rights violations. Amnesty has repeatedly highlighted the widespread use of such tools to monitor journalists and activists in various countries.