概要: セルビア当局は、セレブライト社のAI搭載フォレンジックツールを用いて、ジャーナリストや活動家の携帯電話のロックを同意なしに解除した疑いがあります。その後、新たに発見されたスパイウェア「NoviSpy」をインストールしたと報じられています。NoviSpyは、秘密裏にデータ抽出、マイクやカメラの遠隔操作、そして監視を可能にしたとされています。アムネスティ・インターナショナルは、セルビアの安全保障情報局(BIA)がこれらの攻撃に関与したことを示すフォレンジック証拠を発見しました。この報道を受け、セレブライト社はセルビアへの販売を停止しました。
Editor Notes: Amnesty International's report can be accessed at the following URL: https://www.amnesty.org/en/documents/eur70/8813/2024/en/. The BIA's brief response to the report can be read here: https://www.bia.gov.rs/mediji/saopstenja-za-javnost/saopstenje-bia-16-12-2024-godine/. In terms of the timeline of events, it is reported Serbian authorities were using Cellebrite between 2021 and 2024. In February 2024, they reportedly targeted the journalist Slaviša Milanov; between July and November 2024 there were reportedly at least nine activists who were detained or questioned and had their phones and computers seized, with allegations that the Serbian security services used the Cellebrite UFED forensic tools to extract data from the devices and, reportedly in some cases, they had installed NoviSpy. Between July and August 2024, when anti-lithium mining protests took place, Serbian authorities reportedly arrested 33 activists and seized their devices for forensic searches. In October 2024, an activist from the NGO Krokodil had, according to Amnesty International's forensic analysis, NoviSpy installed on their device while being interviewed by the BIA. On December 16, 2024, Amnesty published their report (which is being used for this incident ID's date). In response, Cellebrite halted their sales to Serbia, which they announced on February 25, 2025. It is also reported that Google Project Zero and the Threat Analysis Group have confirmed a zero-day vulnerability in Android exploited by Serbian authorities, which was later patched.
Alleged: Serbian Security Information Agency (BIA) と Cellebrite developed an AI system deployed by Serbian Security Information Agency (BIA) , Serbian police と Government of Serbia, which harmed Slaviša Milanov , Nikola Ristić , Krokodil , Journalists in Serbia , Human rights defenders in Serbia , Environmental activists in Serbia , Dissidents in Serbia と Civil society organizations in Serbia.
インシデントのステータス
インシデントID
961
レポート数
7
インシデント発生日
2024-12-16
エディタ
Daniel Atherton