Russia Used Cellebrite Tool Against Jailed Activist, Report Says

Citizen Lab says Russian authorities used Cellebrite software to unlock activist Andrey Pivovarov’s iPhone after the company ended sales to Russia.

Russian authorities used forensic software made by Israeli firm Cellebrite to unlock the iPhone of jailed opposition activist Andrey Pivovarov, according to a new investigation from Citizen Lab, raising fresh questions about how the company’s technology continued to be used after it cut ties with Russia in 2021.

Researchers said forensic evidence found on Pivovarov’s iPhone 12 showed it had been accessed with Cellebrite’s Universal Forensic Extraction Device (UFED) while the phone was in Russian government custody. Documents from Pivovarov’s criminal case also identified Cellebrite’s forensic tools as being used to extract data from the device.

Pivovarov, the former executive director of the pro-democracy group Open Russia, was arrested in May 2021 after being removed from a flight in St. Petersburg. His iPhone and MacBook were seized during the investigation. In 2022, he was sentenced to four years in prison on charges related to working with an “undesirable” organization, a prosecution widely viewed by human rights groups as politically motivated. He was released in a multinational prisoner exchange in August 2024.

Citizen Lab said traces recovered from the phone indicate Russian authorities used Cellebrite’s software around June 17, 2021—roughly three months after the company announced it had stopped selling its products and services in Russia and Belarus following criticism over their use against dissidents.

According to the report, investigators extracted messages, contact information and data from apps including WhatsApp, Telegram and Viber. The material was then used as evidence in Pivovarov’s criminal case and may have exposed other activists and associates to further scrutiny. Researchers also found that authorities attempted, but failed, to access his MacBook.

The findings have renewed debate over whether surveillance technology companies can effectively prevent their products from being used by authoritarian governments after contracts are terminated. Citizen Lab argues that Cellebrite should strengthen technical safeguards, including remote deactivation capabilities and cryptographic tracking to identify unauthorized use.

Cellebrite disputed suggestions that it continued doing business in Russia. In a statement, the company said any use of legacy hardware after March 2021 was unauthorized, adding that older systems would now be incompatible with many modern devices and have operated without the company’s support since contracts were terminated.

The report adds to growing scrutiny of commercial digital forensics tools, which have increasingly appeared in investigations involving journalists, activists and political opponents in several countries despite vendor policies intended to restrict misuse.

Related articles :

• Coruna iOS Exploit Kit Reuses Triangulation Zero-Days

• Interview with Pentester Cyberjagu

• Critical GitHub Enterprise Flaw Exposes Servers

__Reports are sourced from official documents, law-enforcement updates, and credible investigations.

Discover additional reports, market trends, crime analysis and Harm Reduction articles on DarkDotWeb to stay informed about the latest dark web operations.__