Serbian police used Cellebrite zero-day hack to unlock Android phones
by lulagain - Monday March 3, 2025 at 09:37 PM
GOD User
user_26014
Posts: 430
Threads: 254
Joined: Aug 2023
Reputation: 780
#1
03-03-2025, 09:37 PM
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware.
Cellebrite is an Israeli digital forensics company that develops tools used by law enforcement, intelligence agencies, and private companies to extract data from smartphones and other digital devices.
Companies like Cellebrite commonly utilize zero-day exploits to access and extract data usually protected on locked phones.
The use of this Android exploit was found by Amnesty International's Security Lab in mid-2024 during forensic research on the logs of the impacted device.
[Image: donnhca-teeet.png]
The organization previously reported on cases of privacy rights abuse in Serbia in December 2024. In response to the revelations, Cellebrite announced it blocked access to its tools for the country's security services (BIA) earlier this week.
After Amnesty shared its findings with Google's Threat Analysis Group (TAG), Google's researchers were able to pinpoint three vulnerabilities in the Linux kernel USB drivers, also used in Android, that were exploited as zero-days.
The three flaws are:
CVE-2024-53104 (USB Video Class exploit)
CVE-2024-53197 (ALSA USB-sound driver exploit)
CVE-2024-50302 (USB HID device exploit)
The first flaw was patched in Google's February 2025 Android security updates, marked as "under limited, targeted exploitation."
The other two flaws have not been announced as fixed in any Android security update bulletins yet, and depending on the device model and how often manufacturers update its kernel, it might take a while.
Head of Security Lab at Amnesty, Donncha O'Cearbhaill, told BleepingComputer that patching CVE-2024-53104 might be enough to disrupt the whole exploitation chain, although they cannot be certain about it yet.
[Image: graphene.png]
GrapheneOS told BleepingComputer that their Android distribution already has patches for CVE-2024-53197 and CVE-2024-50302 because they regularly update the latest Linux kernel.
[Image: 128.gif]
@Ater  @antisocial My Nigga's
Website
Reply
Banned

Posts: 68
Threads: 0
Joined: Feb 2025
Reputation: 0
#2
03-05-2025, 03:26 PM
thats really scary
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breached26tezcofqla4adzyn22notfqw...an-Appeals if you feel this is incorrect.
Reply
Breached
Member
Posts: 27
Threads: 2
Joined: Mar 2025
Reputation: 0
#3
03-06-2025, 12:41 AM
Can they do that to iphones?
Reply
Cyber Leaks
DWC
Posts: 200
Threads: 41
Joined: Nov 2024
Reputation: 257
#4
03-06-2025, 06:08 PM (This post was last modified: 03-06-2025, 06:09 PM by RedBlock.)
I bet all of the agencies are using 0days
earth is doomedSmile
Hack the Box Season 8

https://t.me/+u1sCX38Xneo3OGM1
Website
Reply
GOD User
user_26014
Posts: 430
Threads: 254
Joined: Aug 2023
Reputation: 780
#5
03-06-2025, 07:23 PM
(03-06-2025, 06:08 PM)RedBlock Wrote: I bet all of the agencies are using 0days
earth is doomedSmile

yes we are cooookedddddddddddddd
[Image: 128.gif]
@Ater  @antisocial My Nigga's
Website
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  LOCK4J (NATOHUB) ARRESTED BY THE SPANISH NATIONAL POLICE AND THE CIVIL GUARD lock4j 7 861 08-07-2025, 10:04 PM
Last Post: admin123
  EU age verification app to ban any Android system not licensed by Google empelempe 1 214 07-28-2025, 06:33 AM
Last Post: jokecoffin
  Calling Cybersecurity & Hack Experts tangobe 5 451 04-13-2025, 01:05 PM
Last Post: music
  SK.com hack QilinRansom 6 471 04-12-2025, 02:29 PM
Last Post: CyberWix
  Police arrests 300 suspects linked to African cybercrime rings lulagain 3 411 04-12-2025, 12:59 AM
Last Post: BeholderofCheese

Forum Jump:


 Users browsing this thread: 1 Guest(s)