Serbian authorities are reportedly hacking into the phones of journalists and activists using mobile forensic tools and spyware, according to a recent report by Amnesty International.
The report highlights that the state utilizes tools developed by the Israeli company Cellebrite, which are typically intended for law enforcement to unlock devices for forensic investigations.
Amnesty International strongly criticized these practices, calling for the Serbian government to end such intrusive surveillance. The organization issued a clear statement:
“Serbian authorities must stop using highly invasive spyware, provide remedies to victims of unlawful surveillance, and hold perpetrators accountable. Cellebrite and other forensic companies must ensure their tools are not contributing to human rights abuses.”
How the Spyware Is Deployed
The report outlines that Serbian police allegedly access the phones of civil society members while detaining them under various pretexts. Amnesty found that authorities often prolong detentions—through drug tests or psychological evaluations—to gain extended access to confiscated phones. During this time, they reportedly install “Novispy”, a spyware program believed to be state-developed.
Notably, some devices were hacked using a Qualcomm vulnerability that has since been patched.
A First-Hand Account
One notable case involves Slaviša Milanov, deputy editor of Serbian news outlet FAR. Milanov and his editor-in-chief were stopped by authorities, detained, and had their phones seized. When the phones were returned, Milanov noticed unusual activity:
- Settings like Wi-Fi and mobile data were toggled off.
- Apps suddenly consumed abnormal amounts of energy.
Milanov claims his Xiaomi Redmi Note 10S phone was running additional software and that authorities extracted 1.6GB of data—all without his cooperation or password.
Cellebrite’s Response
In response to Amnesty International’s claims, Cellebrite’s senior director Victor Cooper emphasized that the company’s tools are “strictly licensed for lawful use,” requiring a warrant or legal authorization as per their end-user agreement. Cooper also noted that Cellebrite is investigating the alleged misuse and is prepared to impose sanctions if violations are confirmed.
