{"id":867,"date":"2025-03-01T02:33:19","date_gmt":"2025-03-01T02:33:19","guid":{"rendered":"https:\/\/www.batteryone.co\/blog\/?p=867"},"modified":"2025-03-01T02:33:19","modified_gmt":"2025-03-01T02:33:19","slug":"google-patches-android-vulnerabilities-exploited-by-authorities-to-unlock-phones","status":"publish","type":"post","link":"https:\/\/www.batteryone.co\/blog\/archives\/867","title":{"rendered":"Google Patches Android Vulnerabilities Exploited by Authorities to Unlock Phones"},"content":{"rendered":"\n

Google has quietly patched a set of previously unknown Android vulnerabilities<\/strong> that allowed forensic tools to unlock phones without user consent. The discovery was made by Amnesty International<\/strong>, which found that Serbian authorities had used these exploits to gain access to a student protester\u2019s phone.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

The vulnerabilities, identified as a chain of three zero-day flaws<\/strong>, were discovered in the core Linux USB kernel<\/strong>, meaning they were not limited to a single Android device or manufacturer. According to Amnesty\u2019s report, the flaws could have affected over a billion Android devices worldwide<\/strong>.<\/p>\n\n\n\n

Zero-day vulnerabilities are particularly dangerous because they remain unknown to software or hardware developers until they are discovered and exploited. Since no patches exist at the time of discovery, hackers\u2014including both criminal groups and government agencies\u2014can use them to break into systems without triggering security defenses.<\/p>\n\n\n\n

>>>EB-BA205ABU<\/a> for Samsung<\/a> EB-BA205ABU<\/p>\n\n\n\n

Amnesty first detected traces of one of these flaws in mid-2024 but did not fully understand its scope until later that year. A deeper investigation into the hacking of a student activist\u2019s phone in Serbia provided further evidence that authorities had used Cellebrite\u2019s forensic tools<\/strong> to bypass Android security. Amnesty then shared its findings with Google\u2019s Threat Analysis Group<\/strong>, which led to the discovery and patching of three separate security flaws.<\/p>\n\n\n\n

Cellebrite, an Israeli company known for developing phone-unlocking tools for law enforcement<\/strong>, was at the center of the controversy. Amnesty found that Serbian authorities had used Cellebrite\u2019s technology to unlock the activist\u2019s phone without his knowledge or consent<\/strong>. The case raised concerns about how such tools are being deployed against journalists, activists, and human rights defenders.<\/p>\n\n\n\n

This was not the first time Amnesty had identified the misuse of Cellebrite\u2019s tools. In December 2024, the organization reported that Serbian authorities had used Cellebrite\u2019s forensic technology to unlock the phones of both an activist and a journalist<\/strong>. The report also revealed that after unlocking the devices, authorities installed NoviSpy<\/strong>, an Android spyware designed for surveillance.<\/p>\n\n\n\n

Following these allegations, Cellebrite announced earlier this week that it had terminated its relationship with its Serbian customers<\/strong>, citing ethical concerns. The company released a statement saying it had reviewed Amnesty\u2019s findings and decided to stop providing its products<\/strong> to the Serbian government for the time being.<\/p>\n\n\n\n

Amnesty\u2019s latest report details another case in which Serbian authorities used Cellebrite\u2019s tools to gain access to a Samsung A32<\/strong> phone belonging to a youth activist. The activist had been arrested by Serbia\u2019s Security Information Agency (BIA)<\/strong> at the end of 2024. Amnesty found that the tactics used in his arrest closely resembled those documented in its previous report, further reinforcing concerns about targeted surveillance against political dissidents.<\/p>\n\n\n\n

Amnesty strongly condemned the use of such forensic tools for suppressing free speech and peaceful assembly<\/strong>, arguing that these actions violate fundamental human rights. The organization emphasized that using Cellebrite\u2019s software in this way cannot be justified under any legitimate legal framework<\/strong>.<\/p>\n\n\n\n

>>>BA4050<\/a> for UniStrong<\/a> BA4050 GPS<\/p>\n\n\n\n

The discovery of these vulnerabilities has reignited discussions about the security of Android devices, particularly for individuals who may be at risk of government surveillance or digital repression<\/strong>.<\/p>\n\n\n\n

Bill Marczak, a senior researcher at Citizen Lab<\/strong>, urged activists, journalists, and civil society members to consider switching to iPhones<\/strong>, which he suggested might offer stronger protection against forensic unlocking tools.<\/p>\n\n\n\n

Donncha \u00d3 Cearbhaill, head of Amnesty\u2019s Security Lab<\/strong>, warned that Cellebrite\u2019s technology is more widely available than many realize<\/strong>. He expressed concern that the issue may extend beyond Serbia and could be affecting activists in multiple countries<\/strong>.<\/p>\n\n\n\n

With Google now having patched the vulnerabilities, the immediate threat has been mitigated. For individuals concerned about digital privacy, keeping devices updated, using strong passcodes, and relying on end-to-end encrypted messaging apps remain critical defenses. However, as long as forensic tools like Cellebrite\u2019s exist, the risk of unauthorized phone access\u2014especially in politically sensitive cases\u2014remains a pressing issue.<\/p>\n","protected":false},"excerpt":{"rendered":"

Google has quietly patched a set of previously unknown Android vulnerabilities that allowed forensic tools to unlock phones without user consent. The discovery was made by Amnesty International, which found that Serbian authorities had used these exploits to gain access to a student protester\u2019s phone. The vulnerabilities, identified as a chain of three zero-day flaws, were discovered in the core […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[7],"class_list":["post-867","post","type-post","status-publish","format-standard","hentry","category-news","tag-apple"],"_links":{"self":[{"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/posts\/867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/comments?post=867"}],"version-history":[{"count":1,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/posts\/867\/revisions"}],"predecessor-version":[{"id":868,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/posts\/867\/revisions\/868"}],"wp:attachment":[{"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/media?parent=867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/categories?post=867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.batteryone.co\/blog\/wp-json\/wp\/v2\/tags?post=867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}