Russian authorities hacked into the phone of a prominent political opponent while he was in custody, using technology made by forensics firm Cellebrite — even after the company had said it cut ties with Putin’s government agencies, according to a new report that raises fresh questions about whether Western tech companies can truly control how their tools are used once they’re in the wild.
The case is a cautionary tale for any technology company that sells to governments. Cellebrite, an Israeli outfit with a second headquarters in Virginia that sells to governments all over the world — including in the U.S. — had announced it would stop providing hardware and software to Russia. It apparently didn’t, or couldn’t, follow through.
Researchers at The Citizen Lab, a digital rights group based at the University of Toronto, said they found evidence that a Russian government investigative unit used a phone hacking tool made by Cellebrite to break into the iPhone of local human rights dissident and opposition politician Andrey Pivovarov in June 2021.
Three months before that hack, Cellebrite had announced that it would “immediately” stop selling its technology to its Russian government customers. On its official website, Cellebrite claims that as of March 2021, when it cut ties with Putin’s government, the company “can stop the device from functioning or receiving software updates.”
It’s unclear why that didn’t happen in this case, and the episode exposes an uncomfortable truth about surveillance tech, which is that once powerful hacking and surveillance technologies reach the wrong customer, clawing them back isn’t so easy. The tools proliferate, get abused, and can keep getting abused, often long after the company that made them has washed its hands of the customer.
“It’s not surprising, and [it] is the result of the policies of Cellebrite,” said Eitay Mack, an Israeli human rights lawyer who has long campaigned against surveillance technology makers like Cellebrite and spyware maker NSO Group.
Contact Us
Do you have more information about Cellebrite? Or about how Cellebrite’s customers are abusing its tech? We’d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.
Mack argued that ceasing sales, and even revoking a software license, doesn’t stop a former Cellebrite customer from abusing the company’s technology, as this case demonstrates. Mack also pointed out that Cellebrite refuses to say whether i …