Russia used Israeli firm’s tool to crack phone months after ties severed, report finds

Andrei Pivovarov gestures during a court session in Krasnodar in June 2021. Photograph: AP View image in fullscreen Andrei Pivovarov gestures during a court session in Krasnodar in June 2021. Photograph: AP Russia used Israeli firm’s tool to crack phone months after ties severed, report finds Case of Andrei Pivovarov raises questions about how much control Cellebrite has over its own software Russian authorities used tools from the Israeli company Cellebrite to break into the phone of a political prisoner, months after the company said it cancelled its contracts with Russia, an investigation by the University of Toronto’s Citizen Lab research unit has found . The case raises questions about how much control Cellebrite has over its own software, which allows users to easily break into phones and examine their contents. The tools are sold worldwide and widely used by police forces in the UK and the US. Andrei Pivovarov, the director of the organisation Open Russia, was arrested in May 2021 and released more than three years later as part of the high-profile exchange that also involved the US journalist Evan Gershkovich. Who’s who among the prisoner exchange between Russia and the west? Read more While he was imprisoned, Russian authorities used forensic tools to break into his phone, extracting information about his contacts and his personal and professional life in what Pivovarov said was a “violation of his privacy” that put many of his colleagues at risk. “They tried to find my messages to other colleagues from my organisation and other politicians and may use these in criminal cases against them. After my arrest, several of my colleagues left Russia immediately,” he said. This information was used in building a criminal case against Pivovarov. Authorities were able to gather extensive information about his contacts, including the content of his messages on apps such as WhatsApp and Viber, according to documents provided to Pivovarov in the course of his prosecution. Some of his contacts were later targeted by Coldriver, a Russia-linked group – a link the Citizen Lab has said warrants further investigation. The Citizen Lab said a forensic investigation had found “with high confidence” that Cellebrite tools were used, and that this was confirmed by a document prepared by the Russian authorities and given to Pivovarov in the course of his criminal prosecution. Cellebrite claims it is “totally on the good side,” and has attempted to differentiate itself from other companies such as the NSO Group , whose signature spyware – known as Pegasus – is alleged to have been deployed by foreign governments against dissidents, journalists, diplomats and members of the clergy. NSO says that clients are obligated not to abuse its spyware. Pivovarov was hacked in May 2021, months after Cellebrite said it would stop selling its solutions and services to customers in Russia and Belarus. That announcement followed media pressure in Israel after a group of investiga