More creepy spying of journalists and others via Israel’s Cellebrite DI Ltd. BDS is vital, no matter what lies are spewed by Canada’s genocidaires Irwin Cotler, Rosalie Abella and spy tech propagandists. “We have an illusion of freedom, but in reality, we have no freedom at all”

Serbia used Israeli firm’s tech to enable spy campaign, Amnesty says by Aleksandar Vasovic and James Pearson, December 16, 2024, Reuters

  • Summary
  • Serbian spyware covertly monitors journalists, activists’ phones, Amnesty says
  • Israel’s Cellebrite tools used to unlock phones during police detention, report says
  • Norwegian aid linked to purchase of phone-cracking tools

BELGRADE/LONDON, Dec 16 (Reuters) – Serbian officials installed homegrown spyware on the phones of dozens of journalists and activists, Amnesty International said in a report released on Monday, citing digital forensic evidence and testimony from activists who said they were hacked in recent months.

In two cases, software provided by Israeli company Cellebrite DI Ltd (CLBT.O) was used to unlock phones prior to infection, the report said.

The Serbian spyware, dubbed “NoviSpy” by Amnesty, then took covert screenshots of mobile devices, copied contacts, and uploaded them to a government-controlled server, the report said.

“In multiple cases, activists and a journalist reported signs of suspicious activity on their mobile phones directly following interviews with Serbian police and security authorities,” Amnesty said.

The Serbian intelligence agency BIA published a statement on its website Monday which said it operates within local laws Pfffft. Who believes them!? Not me and accused the Amnesty report of containing “nonsensical statements.” Serbia’s interior ministry and foreign ministry did not respond to requests for comment.

Cellebrite products are widely used by law enforcement, including the FBI, to unlock smartphones and scour them for evidence. Cellebrite said it appreciated Amnesty’s work and Chief Marketing Officer David Gee said the company was investigating the allegations.

Putting surveillance software on devices “is absolutely not what we do”, Gee said. I don’t believe him either. He added that Cellebrite had begun contacting Serbian officials but declined to provide further details.

FORENSIC EXPERTS

One of the activists featured by Amnesty in the report said they had noticed the contacts on their phone had been exported immediately after a meeting with the BIA.

The activist told Reuters they showed their phone to digital forensic experts, who discovered the NoviSpy spyware had exported their contacts and sent private photos from their device to a BIA-controlled server.

That package, which was funded by the Norwegian government and administered by the United Nations Office for Project Services (UNOPS), was provided to the Serbian interior ministry from 2017 to 2021 in order to help Serbia fight organised crime, the report said.

The Norwegian government temporarily ceased delivery of Cellebrite devices to Serbia in 2018, Amnesty said. The Norwegian Embassy in Belgrade also raised concerns about the programme, the report added, but UNOPS eventually delivered the devices in June 2019.

“We expect UNOPS to investigate the allegations,” she added.

UNOPS said in a statement it welcomed Amnesty’s report and said the agency had in the years since 2017 “further enhanced mechanisms to assess and mitigate potential adverse effects.” The agency did not elaborate on those measures.

***

Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists Press Release by Amnesty International, Dec 16, 2024

This press release is also available in Serbian “Srbija: Vlasti koriste špijunske softvere i forenzičke alate kompanije Cellebrite za hakovanje novinara i aktivista“.

We have published the report’s Executive Summary as a webpage. The full report is available in PDF format from Amnesty.org.


The report, “A Digital Prison”: Surveillance and the Suppression of Civil Society in Serbia, documents how mobile forensic products made by Israeli company Cellebrite are being used to extract data from mobile devices belonging to journalists and activists. It also reveals how the Serbian police and the Security Information Agency (Bezbedonosno-informativna Agencija – BIA) have used a bespoke Android spyware system, NoviSpy, to covertly infect individuals’ devices during periods of detention or police interviews. 

“Our investigation reveals how Serbian authorities have deployed surveillance technology and digital repression tactics as instruments of wider state control and repression directed against civil society,” said Dinushika Dissanayake, Amnesty International’s Deputy Regional Director for Europe. 

How Cellebrite and NoviSpy is used to target devices 

Cellebrite, a firm founded and headquartered in Israel but with offices globally, develops the Cellebrite UFED suite of products for law enforcement agencies and government entities. It enables the extraction of data from a wide range of mobile devices including some of the most recent Android devices and iPhone models, even without access to the device passcode.  

While less technically advanced than highly-invasive commercial spyware like Pegasus, NoviSpy – a previously unknown Android spyware – still provides Serbian authorities with extensive surveillance capabilities once installed on a target’s device. 

Critically, Amnesty International uncovered forensic evidence showing how Serbian authorities used Cellebrite products to enable NoviSpy spyware infections of activists’ phones. In at least two cases, Cellebrite UFED exploits (software that takes advantage of a bug or vulnerability) were used to bypass Android device security mechanisms, allowing the authorities to covertly install the NoviSpy spyware during police interviews. 

Amnesty International also identified how Serbian authorities used Cellebrite to exploit a zero-day vulnerability (a software flaw which is not known to the original software developer and for which a software fix is not available) in Android devices to gain privileged access to an environmental activist’s phone. The vulnerability, identified in collaboration with security researchers at Google Project Zero and Threat Analysis Group, affected millions of Android devices worldwide that use the popular Qualcomm chipsets. An update fixing the security issue was released in the October 2024 Qualcomm Security Bulletin

Cellebrite phone hacking and spyware infection threats to journalists and activists 

In February 2024, Serbian independent investigative journalist Slaviša Milanov was arrested and detained by police under the pretext of performing a test for driving under the influence of alcohol. While in detention, Slaviša was questioned by plain-clothes officers about his journalism work. Slaviša’s Android phone was turned off when he surrendered it to police and at no point was he asked for nor did he provide the passcode. 

Additional forensic evidence showed that NoviSpy was then used by Serbian authorities to infect Slaviša’s phone. A second case in the report, involving an environmental activist, Nikola Ristić, found similar forensic evidence of Cellebrite products used to unlock a device to enable subsequent NoviSpy infection. 

“Our forensic evidence proves that the NoviSpy spyware was installed while the Serbian police had possession of Slaviša’s device, and the infection was dependent on the use of an advanced tool like Cellebrite UFED capable of unlocking the device. Amnesty International attributes the NoviSpy spyware to BIA with high confidence,” said Donncha Ó Cearbhaill, the Head of Amnesty International’s Security Lab.  

Activists infected with NoviSpy while making complaints to the police or BIA 

In another case, an activist from Krokodil, an organization promoting dialogue and reconciliation in the Western Balkans, had their phone, a Samsung Galaxy S24+, infected with spyware during an interview with BIA officials in October 2024.  

The activist was invited to BIA’s office in Belgrade to provide information about an attack on their offices by Russian speaking people ostensibly in opposition to Krokodil’s public condemnation of Russia’s invasion of Ukraine.  

After the interview, the activist suspected that their phone had been tampered with. At their request, Amnesty International carried out a forensic investigation which found that NoviSpy had been installed on the device during the BIA interview. Amnesty International was also able to recover and decrypt surveillance data captured by NoviSpy while the activist was using their phone, which included screenshots of email accounts, Signal and WhatsApp messages and social media activity. 

Amnesty International reported the NoviSpy spyware campaign to security researchers at Android and Google before publication, who took action to remove the spyware from affected Android devices. Google has also sent out a round of “Government-backed attack” alerts to individuals they identified as possible targets of this campaign.   

Impact of state digital surveillance and repression tactics on Serbian civil society 

“This is an incredibly effective way to completely discourage communication between people. Anything that you say could be used against you, which is paralyzing at both personal and professional levels,” said Branko*, an activist who was targeted with Pegasus spyware. 

The targeting has also resulted in self-censorship. 

“We are all in the form of a digital prison, a digital gulag. We have an illusion of freedom, but in reality, we have no freedom at all. This has two effects: you either opt for self-censorship, which profoundly affects your ability to do work, or you choose to speak up regardless, in which case, you have to be ready to face the consequences,” said Goran*, an activist also targeted with Pegasus spyware. And now under the growing global mantel of lying genocidal Evangelical Christian Zionism, Herr Trump in USA, and soon Herr Harper again under Pierre Picklehead in Canada, and others, we have/will have less freedom than ever before with more and more of our rights destroyed, notably freedom of expression voicing opposition to genocide and our freedom to choose what we buy – or not.

Activist, Aleksandar* who was also targeted with Pegasus spyware, said: “My privacy was invaded, and this completely shattered my sense of personal security. It caused huge anxiety…I felt a sense of panic and became quite isolated.

I avoid going out anywhere anymore, not worth the stress, anxiety and harassment. Everywhere I went on speaking tours, I was followed/watched. American customs agents knew about my firm’s wildlife and cumulative effects research! Creepy as fuck and a stupid waste of resources and money. I merely presented industry’s and our regulators’ data and reports on how frequently the frac and oil and gas industry dangerously contaminates drinking water.

Part One: Global Spyware Scandal: Exposing Pegasus January 3, 2023, 53:15 Min

“Global Spyware Scandal: Exposing Pegasus” is a FRONTLINE production with Forbidden Films. It is a film by Anne Poiret and Arthur Bouvart. The director is Anne Poiret. The producers are Laurent Richard and Sandrine Rigaud. The senior producers are Eamonn Matthews and Dan Edge. The editor-in-chief and executive producer of FRONTLINE is Raney Aronson-Rath.

Part Two: Global Spyware Scandal: Exposing Pegasus January 10, 2023, 54:22 Min

Part two of a joint investigation into the hacking tool used to spy on journalists, activists, the fiancée of Saudi journalist Jamal Khashoggi and others.

In response to our findings, Cellebrite said, “Our digital investigative software solutions do not install malware nor do they perform real-time surveillance consistent with spyware or any other type of offensive cyber activity.I trust not one word these spy creeps say.

“We appreciate Amnesty International highlighting the alleged misuse of our technology. We take all allegations seriously of a customer’s potential misuse of our technology in ways that would run counter to both explicit and implied conditions outlined in our end-user agreement.

“We are investigating the claims made in this report. Should they be validated, we are prepared to impose appropriate sanctions, including termination of Cellebrite’s relationship with any relevant agencies.”blablablakidkillerenablingbla.

In response to Amnesty International’s queries sent early during the research process, Cellebrite said its products “are licensed strictly for lawful use, require a warrant or consent to help law enforcement agencies with legally sanctioned investigations after a crime has taken place.”

While this may be the intended use, Amnesty International’s research demonstrates how Cellebrite’s products can be misused to enable spyware deployment and the broad collection of data from mobile phones outside of justified criminal investigations, posing grave risks to human rights.

Amnesty International has shared the findings of this research with the Serbian government ahead of the publication but has not received a response.  

Serbian authorities must stop using highly invasive spyware and provide effective remedy to victims of unlawful targeted surveillance and hold those responsible for the violations to account. Cellebrite and other digital forensic companies also must conduct adequate due diligence to ensure that their products are not used in a way which contributes to human rights abuses. 

Over the past years, state repression and a hostile environment for free speech advocates in Serbia has escalated with each wave of anti-government protests. The authorities have engaged in sustained smear campaigns against NGOs, media and journalists and have also subjected those involved in peaceful protest to arrests and judicial harassment. 

*Name changed to protect identity


Amnesty International has also published NoviSpy spyware Indicators of Compromise to enable Serbian civil society to check their devices for evidence of NoviSpy targeting using the Mobile Verification Toolkit.

https://twitter.com/DonnchaC/status/1868572452546363625

@mrastandards:

Serbia’s digital surveillance raises serious concerns with new spyware and forensic tools found. Amnesty’s report reveals troubling developments.

Refer also to:

2024: Evil is as Evil does. Steve Harper’s investment firm Awz Ventures controls, finances Israeli spy tech Corsight AI – facial recognition used by IDF to kill Palestinians. No wonder I hate AI and despise the cruelty of Harper and his white supremacist gang.

2024: Lock up the serial killers and their enablers (e.g. Canada’s ex PM Steve Harper, B’nai Brith et al, and ex supreme court judge Rosalie Abella), give Satan the key: ICC unanimously issues arrest warrants for Benjamin Netanyahu, Yoav Gallant for alleged Gaza war crimes and Hamas leader Mohammed Deif (if still alive).

2024: Cruel hide-in-the-closet misogynistic hateful old white man fascist Steve Harper to be appointed minister of foreign affairs under Pierre Picklehead?

2024: Steve Harper running Norway’s courts? Truls Gulowsen:“It’s frightening that the judicial system shows so little understanding for environmental rights.” I think the judges understand very well – they’re paid to serve the rich, which includes polluting miners and their toxic waste.

2024: UK Prof David Miller (fired from Bristol U for anti-Zionist views) wins landmark employment tribunal case, judges conclude being Anti-Zionist is “worthy of respect in a democratic society.” Legal rep Rahman Lowe: “The genocide Israel is committing at present has woken the world up to the very belief David holds and was manifesting, which is that Zionism is inherently racist and must be opposed.”

2023: Pegagus Scandal: Have you been hacked and spied on by Israeli company NSO Group’s spyware sold to your gov’t and or agencies like AER?

2020: Super Evil in Canada: Israel lobby, including B’nai Brith, Centre for Israel, Jewish Affairs (CIJA), Jewish Defence League (JDL), more, waging campaign to silence, punish, bankrupt Foodbenders, a pro-human rights, pro-Palestinian restaurant in Toronto

2019: New National Security & Intelligence Review Agency (NSIRA) members announced: Outgoing NDP MP Murray Rankin, Q.C. (Chair) & U of Ottawa prof Craig Forcese; Multi-hatted watchdog will have full access to virtually all information held by federal govt. Why? To give to Israel and multinational corporations, and abuse innocent Canadians with?

2019: Who needs ICORE! EUB trained deregulation – for free. It was the “Brotherhood of regulators,” says ex-EUB Chair Neil McCrank, who enabled the Caroline Cover-up and Encana illegally frac’ing Rosebud’s drinking water aquifers, with the “regulator” abusing it’s power, punishing Ernst instead of the company; was Chair when EUB incorporated the notoriously evil Synergy Alberta; authorized the “repulsive” spying on innocent Albertans that made gov’t change it to ERCB; etc., etc.

2017:

2016: RCMP ignore “volley of gunfire” to concerned citizen’s home but warn government and industry: “Environmental extremists pose ‘clear and present criminal threat’ to Canada’s energy sector – more likely to strike at critical infrastructure than religiously inspired terrorists.” Canadian and Australian oil and gas lobby groups warn: Industry operations “impact aquifers” and “contaminate water resources” as pre-determined “bullshit” investigations, cover-ups and court rulings fix everything. No word if “religiously inspired terrorists” plan to retire because of the intense competition

2015:

2015: Did Harper and the oil and gas industry order RCMP/CSIS/Snipers to attack innocent mothers and grandmothers, and set aflame stripped police cars in New Brunswick to discredit all Canadians concerned about frac harms and lay a red carpet for Harper’s Bill C-51?

2015: Did Harper’s thugs spy on more than 160 protests, community events, demonstrations May 2014 – Feb 2015? Protests tracked includes vigil, ‘peace demonstration’

2015: England: Kent Police slammed for snooping after asking for list of people attending frac debate at Canterbury Christ Church University

2015: Will Canadian cops become next victims of industry’s water contamination and fraud? A dangerous new police “best practice?” RCMP members “drink the water” while “trying to understand the shale gas industry” and “educate” themselves. No word on if RCMP plan to try to understand, or investigate, the dangerous and rampant fraud associated with oil and gas industry’s widespread frac contamination, or the number to call if families need RCMP “water taster” to come taste their water after it’s been frac’d, as companies, regulators, and research councils try to cover it up, while lying to the public (including the police) that now toxic and explosive water is “common, normal, and safe”

2015: RCMP pushes for new law to get Canadians’ private information without a warrant. Who’s pushing the RCMP?

Amis du richelieu: In Canada, we’re more likely to be falsely accused of being a terrorist than being killed by one

2014: Canada’s spy agency admits it spies on Canadians ‘incidentally’

2014: Ex-MP Chuck Strahl shouldn’t mix spy committee and pipeline lobbying; Canada’s chief spy watchdog, Harper Govt Appointee Chuck Strahl, working for Enbridge since 2011

2014: Chuck Strahl, CSIS Watchdog Chair, Federal Former Reform-Conservative MP, Registers As Northern Gateway Lobbyist

2014: Communications Security Establishment Canada (CSEC) illegally spied on Canadians; Harper government insisted CSEC never spied on Canadians; Spy agency’s work with CSIS, RCMP fuels fears of privacy breaches

2014: Complaint filed over alleged illegal searches of private information on Northern Gateway pipeline opponents by RCMP, CSIS and handing the information over to oil companies and Canada’s national energy regulator

2014: Probe of Canadian spy agency CSEC found ‘serious breaches’ of ethics code

2014: Devastation Day for Alberta’s Water: The Oil and Gas Industry takes over total control of Alberta’s Fresh Water as “No Duty of Care” Spying AER now a single regulator, 100% funded by industry, takes over Environmental Protection and Enhancement Act and Water Act

2013: Shale gas: the RCMP and CSIS on high alert; Les fractivistes rendent la GRC nerveuse, RCMP and CSIS watching citizens concerned about hydraulic fracturing very closely

2013: “Sickened” by Harper government spying

2013: Canada’s spy agencies chastised for duping courts; CSIS deliberately breached its “duty of candour” to the courts

2013: Petro-state politics prompts CSIS to spy on citizens at alarming rate, FOIs reveal

2013: Hey CSIS, farmers are not terrorists, Anti-fracking activists have been labelled a security threat

2013: We’re Being Watched, How corporations and law enforcement are spying on environmentalists

2013: MUST WATCH! Canadian Legal Advice for the frac’d by AER’s outside counsel Glenn Solomon (released to the public December 1, 2014) where Solomon succinctly details how the oil industry contaminates drinking water, settles and gags the harmed so as to be able to go down the street and do it again and again:

2012: Counter-terrorism unit set up in Alberta to protect energy industry headline changed shortly after publication to Counter-terrorism unit set up in Alberta to help protect energy industry, public

2012: Lawyer’s suspicions Canadian spy agency listened to client calls proven right

“I couldn’t believe the degree to which the judicial process had been corrupted,”

2010:

2009: The Intimidation of Ernst: Members of Harper Government’s Anti-terrorist Squad Intimidate and Harass Ernst after her Legal Papers were Served on Encana, the EUB (now AER) and Alberta Environment

Harper’s bullying spies under the guise of thwarting terrorists arrived warrantless and intruded unannounced.

February 12, 2009: Following a CTV W5 National News segment of Ernst’s explosively contaminated well water and the ERCB’s (now AER, previously EUB) treatment of her, “undercover” Royal Canadian Mounted Police with Canada’s anti-terrorist squad arrive warrant-less at Jessica’s home in Rosebud to interrogate. EnCana, Alberta Environment and the ERCB had been served legal papers two months previously.

Who ordered Canada’s anti-terrorism squad to harass Ernst at her home?

Who violated Ernst’s privacy rights and gave the squad Ernst’s unlisted home phone number and legal land description of her home?

Encana?

Encana’s deregulating darling, the AER?

ERCB was EUB became AER after Ernst’s lawsuit went public

2007: Landowners group says spying episode puts energy board’s neutrality into question

2007: EUB fails integrity test by spying on residents

2007: EUB credibility on the line, Alberta Premier defends EUB spying on landowners

2007: Landowners intend to bring legal action against the EUB for spying on them and intruding on solicitor client privilege

2007: Stelmach endorses the indefensible

2007: Private Investigator posing as landowner was the worst, Spying on citizens casts a smothering pall of bias on any AEUB decision

2007: The fix is in

2007: Say you’re sorry Ed

2007: Spying for the AEUB

2007; Spying by AEUB to be investigated

2007; EUB coverup shocking, Prove to be inept at spying and lying

2007: EUB spy probe to go public

2007: EUB purge, Security unit scrapped, members fired for EUB spying scandal

2007: Taxpayers Pick up Portion of $22,000 EUB Spy Bill without Explanation

2007: EUB scraps security unit, Board-hired investigators spied on landowners

2007: If the EUB is truly repentant about its cloak-and-dagger spying efforts and really wants to regain the trust of Albertans, this focus on a single development project is a pretty weak effort

2007: Integrity on the rocks, outgoing EUB Chairman Neil McCrank’s new job reviewing his own work [EUB “Brotherhood” became ERCB “Brotherhood.” After Ernst lawsuit went public, gov’t created the 100%-industry-funded AER Brotherhood. Public interest was removed from its mandate the better to enable frac hits ‘n harms/blow outs/acquifer fracs/law violations/pollution and increase profits for the Brotherhood’s boss, the oil and gas industry]

2007: Snooping disgusts ex-judge, Energy Board eavesdropping ‘repulsive’

Above image from Justice D. W. Perras September 7, 2007 report on EUB’s (now AER) “repulsive” spying on innocent Albertans (authorized by McCrank!)

2007 EUB purge, Security unit scrapped, members fired for EUB spying scandal

2007: The EUB did a fine job of discrediting the “venerable institution” all by itself

Do it yourself by Shirley Bray, September 27, 2007, Calgary Herald

EUB – Re: Discrediting the EUB doesn’t serve Albertans , G. W. Govier, G. J. DeSorcy, M. N. McCrank, Opinion, Sept. 22.

The EUB did a fine job of discrediting the “venerable institution” all by itself. Please don’t give the credit to others, they don’t deserve it.

2007: AER fails integrity test by spying on residents

2007: EUB (now AER) credibility on the line, Alberta Premier defends EUB spying on landowners

David Eggen, the NDP energy critic, said the impartiality of the regulator has been tainted by the investigators….

Ordinary people bringing their objections and concerns to the AEUB shouldn’t be treated like terrorists.”

2007: Private Investigator posing as landowner was the worst, Spying on citizens casts a smothering pall of bias on any EUB (now AER) decision

2007: Stalinesque spies

2007: EUB (now AER) spies

2007: Defending spies

2007: EUB (now AER) must be investigated now

2007: EUB (now AER) coverup shocking, Prove to be inept at spying and lying

2007: ‘Heads must roll’

2007: EUB (now AER) purge, Security unit scrapped, members fired for EUB spying scandal

2007: Disgracefully undemocratic Oil industry controlled (including courts) Canada hasn’t been a democracy for decades.

2007: Taxpayers Pick up Portion of $22,000 EUB (now AER) Spy Bill without Explanation

2007: Ernst ‘banished’ by AER

2006: McCrank was Chair when the EUB incorporated the notoriously evil Synergy Alberta. Synergy slickly rounds up intelligent, concerned, courageous, outspoken citizens, purifies them with ample propaganda, ego fodder and bribery in CAPP’s blender to make them chant, “We are not opposed, we want regulations (and a study, and another study, and another) while our farms and families, children included, are poisoned by industry.”

2005: McCrank was also EUB Chair when the “regulator” violated Ernst’s Charter rights in writing, judged her a criminal, without charges by the RCMP, no fingerprints, no hearing or trial, no evidence, no due process trying to scare Ernst obediently silent. McCrank did nothing to take responsibility for the law violations or fix it. (The regulator did not “in essence” find Ernst to be a “vexatious litigant” as Supreme Court Justice Rosalie Abella wrote in her 2017 ruling in Ernst vs AER, after Glenn Solomon, AER’s outside lawyer, wrote in his 2012 court filing that Ernst was a terrorist, thus has no charter rights to protect – more defamation or to provide cover for Harper’s anti terrorist squad inappropriately invading.)

See “vexatious litigant” anywhere?

Flash forward: In 2017, Rosalie Abella changed this written charter-violating judgement by the AER (then EUB) and lied, wrote in her ruling in Ernst vs AER they found me to be a vexatious litigant, two years before I even filed my lawsuit! Evil liar Genocidaire Abella!

2004: Encana/Ovintiv illegally frac’s Rosebud’s drinking water aquifers, and even admits it did, while also lying saying it didn’t contaminate them. It’s impossible to frac an aquifer and not contaminate it.

***

Yup, fucking rats, the bunch of them, especially the lawyers, police, all the judges on the supreme court of Canada that heard my appeal, and the Alberta judges Harper positioned and shuffled around on my case to cover up for and aid law-violating frac’ers, notably illegal aquifer frac’er Encana/Ovintiv and cover-up agents extraordinarily ugly, law-violating AER (then EUB) and the Alberta gov’t.

This entry was posted in Global Frac News. Bookmark the permalink.