Russian authorities have been found to be using Cellebrite's forensic tools to break into iPhones, despite the company's claims that it had terminated all contracts with Russian customers. The discovery was made by researchers at the University of Toronto's Citizen Lab, who analyzed a compromised device belonging to an unnamed Russian political activist and found evidence of Cellebrite's Universal Forensic Extraction Device (UFED) being used to extract data from the phone. This raises questions about how much control Cellebrite has over its own software and whether it can prevent its tools from being used by unauthorized parties.
What Happened
The case in question involves Andrei Pivovarov, a Russian opposition politician who was arrested in May 2021 and released four years later as part of the high-profile exchange between Russia and the US. While he was imprisoned, Russian authorities used forensic tools to break into his iPhone, extracting information about his contacts and personal life. This information was used in building a criminal case against Pivovarov, and some of his contacts were later targeted by Coldriver, a Russia-linked group.
The Citizen Lab's analysis found that Cellebrite's UFED was used to extract data from Pivovarov's iPhone on or around June 17, 2021, three months after Cellebrite announced it would "immediately" stop selling to Russian and Belarusian authorities. The researchers identified a specific Host ID (9016926980658937761372207) found in MobileLockdown USB connection records on the device, which was previously attributed by the Citizen Lab to Cellebrite in an earlier investigation involving Jordanian civil society.
Background and Context
Cellebrite is a well-known provider of forensic tools for law enforcement agencies around the world. Its Universal Forensic Extraction Device (UFED) allows users to easily break into phones and examine their contents, making it a valuable tool for legitimate criminal investigations. However, Cellebrite's technology has also been criticized for its potential use in surveillance states, where it can be used to target dissidents and opposition figures.
In 2021, Cellebrite announced that it would cease sales to Russia after the Russian government was found to have used its tools to raid the phone of Lyubov Sobol, a prominent opposition figure. However, it appears that this ban did not prevent Russian authorities from continuing to use Cellebrite's technology.
Why It Matters to the Industry
The discovery of Cellebrite's tools being used by Russian authorities raises questions about how much control companies have over their own software and whether they can prevent it from being used by unauthorized parties. This is particularly relevant in the adult industry, where platforms and operators rely on secure access controls to protect user data and prevent unauthorized access.
As Cellebrite's technology has been found to be vulnerable to unauthorized use, this highlights the need for companies to prioritize security and implement robust measures to prevent their tools from being used by malicious actors. This includes implementing strict access controls, regular software updates, and monitoring for suspicious activity.
What Comes Next
The discovery of Cellebrite's tools being used by Russian authorities raises questions about the accountability of companies like Cellebrite in preventing their technology from being used by unauthorized parties. As a publicly traded company, Cellebrite has a responsibility to its shareholders and stakeholders to ensure that its products are not being used for malicious purposes.
The Citizen Lab's analysis highlights the need for greater transparency and accountability in the surveillance tech industry. Companies like Cellebrite must prioritize security and implement robust measures to prevent their tools from being used by unauthorized parties.
Key Facts
- Russian authorities used Cellebrite's forensic tools to break into Andrei Pivovarov's iPhone in June 2021, despite the company's claims that it had terminated all contracts with Russian customers.
- The Citizen Lab's analysis found evidence of Cellebrite's Universal Forensic Extraction Device (UFED) being used to extract data from Pivovarov's iPhone on or around June 17, 2021.
- Cellebrite announced in March 2021 that it would cease sales to Russia after the Russian government was found to have used its tools to raid the phone of Lyubov Sobol.
- The discovery raises questions about how much control companies like Cellebrite have over their own software and whether they can prevent it from being used by unauthorized parties.
- Cellebrite is a well-known provider of forensic tools for law enforcement agencies around the world, and its technology has been criticized for its potential use in surveillance states.