bne December 2023 Companies & Markets I 21
      bne:Tech
Serbian pro-democracy activists targeted with spyware ahead of election
bne IntelliNews
Two civil society activists in Serbia have been targeted by what are believed to be state-sponsored technical attacks, NGOs Access Now and the SHARE Foundation announced on November 28.
The two activists, who have not been named, were reportedly critics of Serbia’s government. The attacks took place during the summer, when the authorities faced a series of mass protests under the ‘Serbia against violence’ banner.
“Both targeted civil society members have been openly critical of Serbia’s government, which has a track record of deploying spyware and other digital surveillance tools,” a statement from Access Now said.
The two individuals were notified by Apple of their potential exposure to the attacks on October 30, and reached out to Serbian digital rights NGO the SHARE Foundation seeking an assessment of the allegations and a determination of whether their devices had been subjected to known spyware attacks.
After Apple representatives confirmed the authenticity of
the alerts, the SHARE Foundation team, in collaboration
with Internews, conducted a thorough analysis of the mobile devices to identify traces of spyware infection, including well- known variants such as Pegasus and Predator. To corroborate the diagnostic and analytic data obtained, as well as secure encrypted backups of crucial device data, the SHARE Foundation engaged with international organisations Access Now and Amnesty International, known for their expertise in digital forensics.
Following a comprehensive review of the data, both organisations independently confirmed the presence of traces from a failed attack attempt that occurred on August 16, on both mobile devices. Their analysis converged on
the initial phase of the attack, which targeted a device vulnerability known as ‘PWNYOURHOME’, previously associated with the Pegasus spyware, the SHARE Foundation said. This vulnerability has since been addressed through patches.
“The SHARE Foundation warns that spyware attacks on representatives of the critical public have a disastrous impact on democracy and human rights, especially in the pre-election period. The use of spyware is illegal and incompatible with democratic values,” the organisation said.
“We remind the public that these and similar tools for technical attacks on mobile devices are used by non-democratic regimes around the world to spy on members of the opposition, civil society, independent media, dissidents and other actors working in the public interest. Such activities threaten the freedom
of expression and association, as well as the right to privacy and secrecy of communication guaranteed by domestic and international law.”
Access Now pointed out that the Citizen Lab had previously identified the Serbian Information Security Agency (BIA) as a user of FinFisher's spyware in 2014 and, in 2020, as a
“Both targeted civil society members have been openly critical of Serbia’s government, which has a track record of deploying spyware and other digital surveillance tools”
user of Circles' tools for mobile phone geolocation and call interception. Leaked emails from 2012 revealed that the BIA had received a demonstration of Hacking Team's RCS spyware.
        www.bne.eu