Android Security Patched After Cellebrite Exploit
Amnesty International recently revealed that Google has addressed some serious security flaws in Android. These vulnerabilities, previously unknown, were being exploited by forensic tools, like those from Cellebrite, to unlock phones.
The Discovery: It all started with an investigation into the hacking of a student protester's phone in Serbia. Amnesty International's researchers stumbled upon a chain of three zero-day vulnerabilities. These flaws resided in the core Linux USB kernel, meaning a huge number of Android devices – potentially over a billion – were at risk.
What are Zero-Day Vulnerabilities? Zero-days are bugs that are unknown to the software or hardware makers. They're a hacker's dream because there's no patch available to fix them, making it easier to break into systems.
Amnesty's Investigation: Amnesty International first detected traces of one of these flaws in mid-2024. Following the Serbian activist's case, they shared their findings with Google's Threat Analysis Group. This collaboration led to the identification and patching of all three vulnerabilities.
Cellebrite's Role: The investigation revealed that Serbian authorities used Cellebrite tools to unlock the activist's phone using a USB exploit. In response to the allegations of abuse, Cellebrite stated they have stopped their Serbian customer from using their technology.
The Bigger Picture: Amnesty also found instances where Cellebrite tools were used to install Android spyware, called Novispy, on the phones of activists and journalists. This raises serious concerns about the use of such tools against individuals exercising their rights to freedom of expression.
Donncha Ó Cearbhaill, head of Amnesty’s Security Lab, expressed concern about the widespread availability of these tools, suggesting that "we are just scratching the surface of harms from these products.”
Bill Marczak, a senior researcher at Citizen Lab, recommends that activists, journalists, and others who might have their phones seized should consider switching to iPhones due to these Android vulnerabilities.
Source: TechCrunch