Serbian authorities hack and install spyware on activists' phones.

Serbian authorities are using mobile device hacking tools to access the phones of activists and journalists, installing spyware to track them, according to a report from a human rights organization. This practice is carried out with technology developed by the Israeli company Cellebrite, originally designed to assist law enforcement in unlocking devices for forensic purposes.

In light of the situation, there have been calls for the Serbian government to put an end to these surveillance practices. Demands are made to stop the use of highly invasive spyware, to provide effective remedies for victims of illegal surveillance, and to bring those responsible for these violations to justice. Furthermore, digital forensic companies like Cellebrite are urged to conduct the necessary due diligence to ensure that their products are not used in ways that contribute to human rights abuses.

The report compiles various accounts of how Serbian authorities process the phones of civil society members who are detained for various reasons. These processes often include additional procedures, such as drug testing and psychological assessments, which extend the time of detention and, consequently, the period during which authorities have access to their devices. During this time, it is common for police to install "Novispy," a spyware program presumed to have been developed by the state. Some phones were hacked by exploiting a Qualcomm vulnerability that has since been patched.

One case highlighted by 404 Media involves Slaviša Milanov, a sub-editor at the media outlet FAR. He and the editor-in-chief were detained by Serbian authorities while driving together, and their phones were confiscated. Upon recovering their devices, they noticed changes such as disabled data and Wi-Fi, as well as unusually high battery usage by some applications. Milanov reported that his Android phone, a Xiaomi Redmi Note 10S, showed additional software when it was returned, and that the police had extracted 1.6GB of data without him providing his password.

Victor Cooper, senior director of Cellebrite, responded to inquiries about the use of its products, stating that they are strictly licensed for legal use, requiring a court order or legally authorized investigation, according to agreements with the end-user. Additionally, he announced that Cellebrite is investigating the "alleged misuse" of its technology and is prepared to impose appropriate sanctions in collaboration with relevant agencies.