BELGRADE/LONDON - Serbian officials installed homegrown spyware on the phones of dozens of journalists and activists, Amnesty International said in a report, released on Monday, citing digital forensic evidence and testimony from activists who said they were hacked in recent months.
In two cases, software provided by Israeli company Cellebrite DI Ltd was used to unlock phones prior to infection, the report said.
The Serbian spyware, dubbed “NoviSpy” by Amnesty, then took covert screenshots of mobile devices, copied contacts, and uploaded them to a government-controlled server, the report said.
“In multiple cases, activists and a journalist reported signs of suspicious activity on their mobile phones directly following interviews with Serbian police and security authorities,” Amnesty said.
The Serbian intelligence agency BIA published a statement, opens new tab on its website Monday which said it operates within local laws and accused the Amnesty report of containing "nonsensical statements." Serbia’s interior ministry and foreign ministry did not respond to requests for comment.
Cellebrite products are widely used by law enforcement, including the FBI, to unlock smartphones and scour them for evidence. Cellebrite said it appreciated Amnesty's work and Chief Marketing Officer David Gee said the company was investigating the allegations.
“Should those accusations be accurate, that could potentially be in violation of our end user license agreement,” Gee told Reuters. If that were the case, Gee said, Cellebrite could suspend the use of its technology by Serbian authorities.
Putting surveillance software on devices “is absolutely not what we do”, Gee said. He added that Cellebrite had begun contacting Serbian officials but declined to provide further details.
FORENSIC EXPERTS
One of the activists featured by Amnesty in the report said they had noticed the contacts on their phone had been exported immediately after a meeting with the BIA.
The activist told Reuters they showed their phone to digital forensic experts, who discovered the NoviSpy spyware had exported their contacts and sent private photos from their device to a BIA-controlled server.
According to Amnesty, Serbia received phone-cracking devices from Cellebrite as part of a broader package of assistance designed to help Serbia meet the requirements for integration into the European Union.
That package, which was funded by the Norwegian government and administered by the United Nations Office for Project Services (UNOPS), was provided to the Serbian interior ministry from 2017 to 2021 in order to help Serbia fight organised crime, the report said.
The Norwegian government temporarily ceased delivery of Cellebrite devices to Serbia in 2018, Amnesty said. The Norwegian Embassy in Belgrade also raised concerns about the programme, the report added, but UNOPS eventually delivered the devices in June 2019.
“The claims made in the report are alarming and, if correct, unacceptable,” Norway’s deputy foreign minister, Maria Varteressian, told Reuters. “We will meet Serbian authorities as well as UNOPS later this month to get further information on the matter”.
“We expect UNOPS to investigate the allegations,” she added.
UNOPS said in a statement it welcomed Amnesty's report and said the agency had in the years since 2017 "further enhanced mechanisms to assess and mitigate potential adverse effects." The agency did not elaborate on those measures.
&uuid=(email))