CyberSecurity news
Alex Lekander@CyberInsider
Serbian authorities reportedly used a Cellebrite-developed Android zero-day exploit chain to unlock the device of a student activist and attempt to install spyware. The chain targeted vulnerabilities in Android, allowing authorities to bypass the device's security measures. Amnesty International discovered the exploit while analyzing the student's phone and alerted Google.
Google has since fixed three zero-day vulnerabilities in Android that were exploited by Cellebrite forensic tools. Cellebrite blocked Serbia from further use of its solution after claims emerged that the equipment was being misused for political reasons.
References:
- infosec.exchange: NEW: Google fixed three zero-day vulnerabilities in Android that were used by authorities to unlock phones with Cellebrite forensic tools. The fixes come after Amnesty alerted Google, following the analysis of a Serbian student protester's phone.
- bsky.app: Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware.
- CyberInsider: Serbia Used Cellebrite Zero-Day Android Attack on Student Activist
- securityaffairs.com: Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons
- techcrunch.com: Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On Friday, Amnesty International published a report detailing a chain of three zero-day vulnerabilities developed by phone-unlocking company Cellebrite, which its researchers found after investigating the hack of a student protester’s phone in Serbia. The
- The Hacker News: Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
- infosec.exchange: Amnesty International has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used Cellebrite kit with Linux USB CVE-2024-53104 exploit chained with 2 other CVEs to unlock the Android phone of a student activist
- aboutdfir.com: Cellebrite cuts off Serbia over abuse of phone-cracking software against civil society
- securityaffairs.com: Serbian student activist’s phone hacked using Cellebrite zero-day exploit
- Talkback Resources: Cellebrite zero-day exploit used to target phone of Serbian student activist [app] [exp]
Classification:
- HashTags: #Cellebrite #ZeroDay #AndroidSecurity
- Company: Cellebrite
- Target: Android devices
- Attacker: Cellebrite
- Product: Cellebrite
- Feature: zero-day exploit
- Malware: zero-day exploit
- Type: 0Day
- Severity: Major