Hello, tech enthusiasts! Today, we delve into a pressing issue that has come to light regarding your Android devices.
Recently, Amnesty International revealed that Google had patched several previously unknown Android vulnerabilities that authorities exploited to access users' phones with forensic tools.
This report, published on Friday, discusses a chain of three zero-day vulnerabilities identified by the phone-unlocking firm Cellebrite after investigating a case involving a student protester in Serbia.
The vulnerabilities reside in the Linux kernel's core USB code, indicating that over a billion Android devices could be at risk, regardless of brand or model.
Zero-day flaws are particularly concerning because they let unauthorized parties breach systems before any fix is available. Notably, Amnesty discovered one of these flaws in mid-2024, with significant implications for user privacy.
Following the findings, the organization collaborated with Google’s Threat Analysis Group to resolve these issues, successfully identifying and fixing the flaws.
During their investigation, Amnesty’s team uncovered a USB exploit that enabled Serbian authorities to unlock the activist’s phone, raising serious human rights concerns.
Cellebrite has faced scrutiny for its role in multiple instances where authorities utilized its technology to surveil and control activists and journalists.
In December, Amnesty reported incidents where Serbian police allegedly unlocked devices and subsequently installed spyware known as Novispy on the targeted phones.
This week, Cellebrite announced that it had suspended its services in Serbia following these revelations of misuse, highlighting the need for ethical accountability in tech.
Activists and journalists should exercise caution and consider alternative devices, as the risks from such vulnerabilities remain a looming threat.