Researchers discover unknown Android defects used to hack in a student’s phone

Amnesty International said that Google has fixed previously unknown defects in Android, which allowed the authorities to unlock phones using medical -legal tools.

Friday, Amnesty International has published a report detailed a chain of three zero day vulnerabilities Developed by the Cellebrite phone locking company, which its researchers found after investigating the student’s phone hack in Serbia. The defects were found in the Linux USB base nucleus, which means that “vulnerability is not limited to a particular device or seller and could have an impact on a billion Android devices,” according to the report.

Zero-zile are bugs in products that, when found, are not known for the software or hardware manufacturers. Zere zero allow criminal and government hackers to enter systems in a way that is more efficient, because there is not yet a patch to solve them.

In this case, Amnesty said he first found traces of one of the defects in a case in the middle of 2024. Then, last year, after investigating the hack of a student activist in Serbia, the organization shared his conclusions with the analysis group of google anti-hacking threats, which caused the company to identify the company.

During the activist’s phone investigation, amnesty researchers found USB exploitation, which allowed the Serbian authorities, with the help of Cellebrite instruments to unlock the activist’s phone.

When contacted for comments, the spokesman of Cellebrita Victor Cooper to which he refers to a statement that the company published earlier this week.

In December, Amnesty reported to find two cases If the Serbian authorities used Cellebrite forensic instruments to unlock the phones of an activist and a journalist and subsequently installed an Android spyware known as Novispy. Earlier this week, Cellebrite announced that the Serbian client stopped to use his technology following the accusations of abuse discovered by amnesty.

“After a review of the accusations presented by the International Amnesty report of December 2024, Cellebrite made accurate measures to investigate each request in accordance with our ethics and integrity policies. We considered it appropriate to stop using our products by relevant customers at this time, ”wrote Cellebrite in his statement.

In the new report, Amnesty said it was contacted in January to analyze the device of a youth activist arrested by the Serbian security information agency (Bezbedonosnosno-information agency or BIA) at the end of last year.

“The circumstances of his arrest and the behavior of the BIA officers, were strongly suitable with Modus Operandi who was used against the protesters and we documented in our report in December. A forensic investigation of the device carried out in January confirmed the use of Cellebrite on the student’s activist phone, ”wrote Amnesty.

As in the other cases, the authorities used a Cellebrite device to unlock the Samsung A32 phone “without its knowledge or consent and outside a legally sanctioned investigation,” according to Amnesty.

“The apparently routine use of the Cellebrite software against people because it has exercised its rights of expression and peaceful assembly can never be a legitimate objective,” wrote Amnistic, “and therefore violates the right of human rights.”

Bill Marczak, principal researcher at Citizen Lab, an organization for digital rights investigating Spyware, wrote on x That activists, journalists and members of the civil society “who could face the phone of authorities (protest, border, etc.) should take into account the passage to the iPhone”, because of these vulnerabilities.

Referring to the Cellebrite instruments, Donncha ó Cearbhaill, the head of the Security Laboratory of Amnesty, told Techcrunch that “the availability of such tools lets me fear that we only scratch the surface of the injuries in these products.”

Google did not respond immediately to a comment request.