Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus.
The finding, published June 25 by the Citizen Lab, rests on two things that rarely line up: traces on the phone itself and an official Russian government report that names the tool.
Investigators searched the extracted data for political contacts, opposition figures, and the names of activist organizations. This was not remote spyware. It was a forensic tool run on a seized device in custody, used to build a case in a political prosecution.
Pivovarov ran Open Russia, an opposition group the Kremlin had branded “undesirable,” a label that turned continued involvement into a criminal offense.
He was pulled off a flight at St. Petersburg airport on May 31, 2021, and his iPhone 12 and MacBook were confiscated. He never gave consent to a search and never handed over his passwords. The devices stayed in custody until 2023. In July 2022, he was sentenced to four years; he was freed in August 2024 in a prisoner exchange.
Pivovarov gave the phone to Citizen Lab researchers in the fall of 2025. The traces on it dated to 2021, when the device was in Russian custody.
MobileLockdown records, which track an iPhone’s trusted USB pairings, showed a connection on June 17, 2021, to a host ID matching a Cellebrite fingerprint the researchers had identified in a prior case in Jordan. They rate it high-confidence evidence that Cellebrite’s UFED was used.
Russia’s own paperwork backs the forensic read. Pivovarov received a report titled “Forensic Expert Report No. 1269-17” in the course of his prosecution, prepared for Russia’s Investigative Committee by the Interior Ministry’s forensic center, and he gave a copy to the Citizen Lab.
It names Cellebrite’s UFED Physical Analyzer and UFED 4PC by product. It documents pulling data from WhatsApp, Telegram, and Viber, and shows investigators running searches for “Open Russia Civic Movement” and for named opposition figures, including Mikhail Khodorkovsky, lawyer Anastasiya Burakova, and Pivovarov’s partner Tatiana Usmanova.
The MacBook held. The MVD report describes a failed extraction, blocked by encryption, and the Citizen Lab found matching failed login attempts on the same date, indicating the authorities never had Pivovarov’s password.
The timing is the point. Cellebrite announced in March 2021 that it would stop selling to Russia and Belarus, a move that cut off updates but left existing hardware running. Much of UFED keeps working offline long after support ends, the Citizen Lab says, which is the hole in the cutoff: the risk was never only future sales, it was the installed base already sitting in police and intelligence offices.
That matches earlier reporting that Russia kept using Cellebrite on detainees’ phones after the announcement.
Asked for…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
