惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
aimingoo的专栏
aimingoo的专栏
人人都是产品经理
人人都是产品经理
G
GRAHAM CLULEY
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
L
LangChain Blog
AWS News Blog
AWS News Blog
V
Vulnerabilities – Threatpost
博客园 - 司徒正美
Last Week in AI
Last Week in AI
P
Privacy International News Feed
C
CERT Recently Published Vulnerability Notes
Simon Willison's Weblog
Simon Willison's Weblog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
S
Schneier on Security
Y
Y Combinator Blog
月光博客
月光博客
博客园 - Franky
T
Threatpost
Security Latest
Security Latest
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 【当耐特】
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
大猫的无限游戏
大猫的无限游戏
A
Arctic Wolf
T
The Exploit Database - CXSecurity.com
A
About on SuperTechFans
I
Intezer
C
CXSECURITY Database RSS Feed - CXSecurity.com
C
Cisco Blogs
S
Securelist
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
美团技术团队
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Microsoft Security Blog
Microsoft Security Blog
Know Your Adversary
Know Your Adversary
IT之家
IT之家
D
Docker
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
NISL@THU
NISL@THU
博客园 - 三生石上(FineUI控件)
L
Lohrmann on Cybersecurity
小众软件
小众软件
PCI Perspectives
PCI Perspectives
N
News and Events Feed by Topic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Google DeepMind News
Google DeepMind News
爱范儿
爱范儿
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Engineering at Meta
Engineering at Meta

The Record from Recorded Future News

Taiwan charges two businessmen over alleged role in Chinese espionage campaign Former UK privacy chief preparing legal action against woman who reported him, minister says Spain arrests alleged supporter of pro-Russian hacktivist groups after FBI tip EU unveils cyber plan to reduce reliance on foreign AI systems Supreme Court allows Texas app law requiring age verification to take effect Britain plans to build autonomous AI 'Cyber Shield' to defend nation Major Japanese telco says cyberattack exposed 12 million emails UK cyber pledge draws only a handful of top firms despite ministerial appeal Canadian spy agency reports hacking three criminal groups in 2025 Attackers vote themselves $20 million in BONK cryptocurrency Major medical device manufacturer notifies nearly 4 million of breach Japanese teen arrested over cyberattack that disrupted anime streaming service Ukrainian media outlets now among 'priority targets' for Russian hackers Spyware found on phone of European Parliament member probing it Launch of UK's National Cyber Action Plan delayed amid Labour leadership crisis Supreme Court decision threatens EU-US data transfer agreement Teen suspect in Scattered Spider hacks is extradited to US US lifts export controls on Anthropic’s frontier cybersecurity AI models Japanese insurer, brewer, manufacturer and telecom disclose cyber breaches CIA chief highlights major shifts in agency’s tech approach House passes kids’ online safety bill, but Senate approval unlikely An intelligence budget 'super user' job is now in the hands of Russ Vought Justices rule that cellphone location histories are protected by the Fourth Amendment US racks up about 400 wins over illegal World Cup streaming sites US posts $10 million reward over Russian cyber campaign targeting Signal, WhatsApp Ukraine to use seized crypto from cybercrime group to buy war bonds Russia accuses Apple of ‘political censorship’ after VK apps removed from App Store Turla group adds more malware to Russia’s espionage efforts against Ukraine Russia used social engineering to breach prominent messaging accounts, Ukraine says FCC votes to toughen rules in bid to better protect undersea cables DHS chief says president has met with potential CISA nominee; agency plans to hire 600 Another Russian dairy company reportedly disrupted by cyberattack Ukraine's state postal operator reports app disruption after cyberattack Three ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement German rail services resume after wireless communications outage Indian auto giant Bajaj Auto hit by ransomware incident Five Eyes agencies sound alarm about AI’s threat to cybersecurity Feds seize alleged cyber-scam infrastructure connected to Southeast Asian company Trump directs federal agencies to protect US data from quantum threats Compromise kids online safety bill unveiled by House leaders, with key omission Two Scattered Spider members plead guilty over cyberattack that crippled London transit Tata Electronics confirms cyberattack after alleged Apple, Tesla documents appear online Suspected cyberattack triggers false emergency alerts across parts of Brazil Police raid malware network tied to Russia's Evil Corp hacker group UK's information commissioner resigns over ‘inappropriate humour’ Bulgaria allowed surveillance tech firm to sell products to repressive regimes, report says Australian sugar producer works to restore operations as ransomware group claims attack Hostile states behind three-quarters of attacks on Britain's critical infrastructure, cyber chief warns EU grants Ukraine access to cybersecurity reserve for major attacks Warner warns of CISA cuts, staffing gaps in letter to acting chief GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say India's Telegram ban draws criticism from Durov as company challenges order in court India temporarily blocks Telegram over medical exam cheating fears UK to ban social media access for children under 16 Estonia to quarantine emails sent from Russian .ru domain /maine-turns-off-breach-portal-fake-reports Cyberattack on Russian tech firm Astral disrupts business, government services for week Finland brings charges against cargo ship officers for cutting submarine cables Anthropic says US government forced it to disable cybersecurity AI models Belarus-linked hackers target Gmail accounts of Polish public figures and their families Bankruptcy admin approves settlement fund of $47 million for 23andMe data breach victims Major US surveillance program poised to lapse after legislative deadlock South Korea hits Coupang with record $409 million fine over data breach Cyber Force not included in Senate defense policy roadmap British high school sends students home following cyberattack Hacker linked to Void Blizzard faces charges over cyberespionage campaign University of Nottingham confirms cyber incident as Shiny Hunters group claims data theft CISA to require federal agencies to patch some cyber vulnerabilities within 3 days Cyberattack shuts down major Australian sugar mills, disrupting harvest Microsoft ships largest Patch Tuesday on record, with one bug under active attack UK weakens proposed telecoms defenses against Chinese hackers after industry pushback CISA to transform how it assesses cyber vulnerabilities and risks, Andersen says Hackers pose as women seeking romance to spy on Russian soldiers UK gives big tech 3 months to create device controls to block nude images of kids EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers Apple removes Russia’s state-backed messaging app Max from its store Trump considers Palantir exec to lead CISA FTC considers setting aside or modifying $150 million privacy penalty against X Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’ Supreme Court rules FCC fines punishing telecom giants for sharing location data were legal UN food agency investigates breach exposing data of Gaza aid recipients Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process Five Eyes warn Chinese spies are using job sites to recruit insiders CISA directive for AI executive order to be released this week, Andersen says DHS chief signals efforts to reshape CISA New cyber force would cost up to $11 billion to start, commission says White House unveils pared-back AI executive order Russia claims foreign spy agencies hacked officials' phones Red Hat removes tainted packages after software pipeline compromise Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials Microsoft says it will not pursue security researchers after zero-day backlash Inspector general finds NIST mistakes have made vulnerability database ineffective NSA selects new leads for key cybersecurity posts Afghan finance officials targeted by suspected Pakistani cyberespionage campaign Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more Cruise giant Carnival confirms data breach affecting nearly 6 million people Canadian man gets 33 years for using social media to coerce US children into sending sexual content Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans Russia conducting daily attacks on UK 'from seabed to cyberspace,' spy chief warns
Russia used Cellebrite phone-hacking tool to crack down on dissident after firm cut off country
Suzanne Smalley · 2026-06-25 · via The Record from Recorded Future News

Russian authorities used Cellebrite phone data extraction technology to snoop in a dissident’s device three months after the Israeli commercial surveillance company said it had cut the country off due to human rights concerns.

The continued use of the powerful data extraction product — in this case Cellebrite’s universal forensic extraction device (UFED) — soon after the company in March 2021 said it would stop working with Russia suggests the firm has been unable to pull back its technology from authoritarian government customers, according to Citizen Lab researcher John Scott-Railton.

“The historic architecture of Cellebrite forensic systems means that much of the functionality in the UFED product has continued to operate long after updates cease,” a Citizen Lab report said. 

Cellebrite systems, Citizen Lab said, also have historically included an offline mode.

“The way Cellebrite's technology was designed appeared to make it difficult for the company to

meaningfully cut off problematic customers,” the report concluded.

A Cellebrite executive emailed Recorded Future News a copy of a letter he sent to Citizen Lab, saying “any use of legacy Cellebrite hardware in Russia after March 2021 is entirely unauthorized.” 

“The Cellebrite hardware previously sold, prior to March 2021, would now be incompatible with modern devices and would operate without our technical support, our consent or any legal sanction from Cellebrite,” chief marketing officer David Gee said. “Rapid technology advances render legacy digital forensic hardware and software ineffective within a short period of time. Russia remains permanently on our restricted-customer list.”

Citizen Lab has documented how authorities in repressive regimes like Serbia, Jordan and Kenya have recently used Cellebrite to break into civil society phones, which has raised questions about the company’s commitment to stopping abuse.

A dissident jailed

In this case, prominent Russian political activist Andrey Pivovarov was detained by Russian authorities in May 2021 and his devices, including an iPhone12 and an Apple Macbook, were soon seized, according to the Citizen Lab report.

Pivovarov's devices remained in official custody until 2023, according to Citizen Lab. He was not asked for his consent to search the devices and he did not provide authorities with his passwords.

The security researchers at Citizen Lab say they have determined with high confidence that Pivovarav’s phone was broken into on or around June 17, 2021, when it was in the possession of Russian authorities, and just three months after Cellebrite said Russia could no longer use its product.

The forensic analysis of MobileLockdown records from the phone show USB connections to a device with a Host ID that Citizen Lab has previously attributed to Cellebrite, the report said.

In July 2022, Pivovarov, the former director of the Russia-based Open Russia nonprofit, was sentenced to four years in prison for his activism. Court records dug up by Citizen Lab back its forensic findings and show multiple documents pulled from Pivovarav’s phone were used to build a case against him on charges of “carrying out the activities of an ‘undesirable’ organization,” the report said.

The court documents also show that Cellebrite’s UFED was deployed to search for specific political terms once the phone was cracked. Russian authorities did not manage to break into the Macbook, the report said.

Pivovarov was released in a 2023 prisoner exchange and now lives in exile in Germany but remains afraid of being spied on. He plans to write Cellebrite’s CEO a letter asking why Russian authorities were able to use its UFED even after the firm said it exited the country and how it will prevent future abuse.

“I'm a little nervous that in the future it can continue,” Pivovarov said in an interview. “It's very bad when such clever software is used for Putin’s vision.”

‘Plausible deniability’

Cellebrite’s technology is a powerful tool for repression in the hands of autocrats because it can be used to extract journalists’ sources, better understand opposition political movements and track how dissidents are working together, advocates and researchers say.

Cellebrite also has said it plans to roll out new AI features, Scott-Railton said. It will enable “even more efficient extraction of people's social graph, which worries me,” he added.

“If Cellebrite wants to stop equipping political prosecutions, the path is clear: stop selling to autocrats, remotely-disable their tech after credible reports of abuse, and end the era of plausible deniability by implementing cryptographically-signed watermarks on all imaged devices,” Scott-Railton said.

Citizen Lab and the nonprofit Access Now sent Cellebrite’s top executives a letter urging them to stop selling to regimes that have previously abused their tech and to join civil society in spearheading “human rights due diligence” efforts before and after the technology is sold, according to Natalia Krapiva, senior tech-legal counselor at Access Now.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Recorded Future

No previous article

No new articles

Suzanne Smalley

Suzanne Smalley

is a reporter covering digital privacy, surveillance technologies and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.