Russia bypasses Cellebrite restrictions to hack iPhones

Despite the announcement by Cellebrite, a leading Israeli cyber-forensics firm, that it had ceased cooperation with Russian government agencies, its technologies are still being used to hack the smartphones of Russian opposition figures. This situation serves as another warning of how quickly Western technology companies can lose control over their products once they enter the "wild market." This is reported by Techcrunch.com reports.

Researchers from the Citizen Lab digital rights group at the University of Toronto discovered that Russian investigative authorities used Cellebrite technology to access the iPhone of opposition leader and human rights activist Andrei Pivovarov. This incident occurred in June 2021, three months after the company officially left the Russian market. According to TechCrunch, such cases prove how difficult it is to control surveillance technologies.

Loss of control and technological gaps

In its official statements, Cellebrite claimed that it had severed all ties with the Russian government starting in March 2021 and even had the capability to remotely disable its devices. However, in practice, it turned out that devices known as UFED (Universal Forensic Extraction Device) could continue to function to some extent even after the license expired. This indicates that the company failed to fully fulfill its promises.

Israeli lawyer Eitay Mack believes that simply stopping sales or canceling software licenses is not enough. According to him, Cellebrite does not require its clients to return or completely destroy the sold hacking equipment. As a result, former clients continue to use tools that, while outdated, remain effective against human rights activists.

Citizen Lab senior researcher John Scott-Railton emphasizes that the company should implement a mechanism to remotely "brick" its devices. It is also proposed to create the ability to identify which device was used to steal data by applying a digital watermark to every extracted piece of information. These measures would help companies end the era of "plausible deniability."

Global challenges

Cellebrite is not only at the center of scandals related to Russia. The company has previously terminated cooperation with a number of countries following reports of its technology being abused:

• China and Hong Kong;
• Myanmar;
• Bangladesh;
• Serbia.

This situation is also relevant for technology markets like Uzbekistan. Modern cybersecurity tools and smartphone hacking technologies can become weapons not only for fighting crime but also for violating personal privacy. Experts have long emphasized the need to strengthen international control over such "dual-use" technologies from Western companies.

In conclusion, Cellebrite and similar companies must find a balance between the profits they make from selling their products and their responsibility for their subsequent fate. Otherwise, even the most advanced iPhone security systems will remain vulnerable to political pressure and technological abuse.