The unsettling case of NoviSpy spyware reveals a troubling collaboration between state surveillance tools and forensic technologies, targeting Serbian journalists and activists. This breach demonstrates the pressing need for stronger cybersecurity measures to protect vulnerable individuals and organizations from invasive surveillance tactics.
Victims of the Breach
The spyware targeted independent journalist Slaviša Milanov, whose phone was compromised during detention, as well as youth activist Nikola Ristić, environmental advocate Ivan Milosavljević Buki, and a Krokodil NGO member. These individuals, known for their advocacy and social work, became victims of unlawful surveillance, endangering their personal safety and exposing sensitive data.
Breach Procedure
The compromise began when Serbian police unlocked the journalist's phone using Cellebrite’s tool, which enabled the installation of NoviSpy via Android Debug Bridge (adb). NoviSpyAdmin and NoviSpyAccess, the spyware’s two malicious applications, exploited Android's accessibility features to exfiltrate sensitive data, including messages, call logs, and screenshots. A Qualcomm vulnerability (CVE-2024-43047) was leveraged to escalate privileges, further enhancing the spyware’s capabilities.
Consequences and Context
This case illustrates the dangers posed by unregulated surveillance technologies. The misuse of Cellebrite’s forensic tools and the development of NoviSpy highlight systemic vulnerabilities in digital privacy. Advocacy groups, including Amnesty International, are calling for tighter oversight and international regulation to curb the abuse of such technologies.
Measures to Fend Off
Device Security
Use encrypted phones to ensure data protection even if devices are physically accessed.
Enable secure lock screens and biometric authentication to deter unauthorized entry.
Software and Vulnerability Management
Regularly update operating systems and drivers to patch critical vulnerabilities.
Activate verified boot to safeguard devices against unauthorized modifications.
Advocacy and Regulation
Support global policies for the ethical use of surveillance tools.
Push for transparency from forensic and spyware developers to ensure accountability.
Comments