Amnesty International researchers discovered an Android zero-day bug that was exploited to silently disseminate custom surveillance spyware targeting Serbian journalists. The probe has traced the technology to Cellebrite, an Israeli forensics vendor.
In a technical report published earlier this week, the human rights group outlined how Serbia’s Security Information Agency (BIA) and police employed Cellebrite’s forensic extraction tools and a newly uncovered spyware dubbed ‘NoviSpy’ to infect journalists’ and activists’ devices. In one instance, a journalist’s phone was allegedly hacked during a police traffic check, with the Cellebrite tool facilitating the infection.
Amnesty International warned that Serbia’s legal restrictions on the use of mobile forensic tools are inadequate and that “the ability to download, in effect, an individual’s entire digital life using Cellebrite UFED and similar mobile forensic tools, poses enormous human rights risks, if such tools are not subject to strict control and oversight.”
The report details the example of journalist Slaviša Milanov, whose Xiaomi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: