An Israeli surveillance company promised to cut ties with Russia, but Putin's government continued using its phone-hacking tools anyway.
According to TechCrunch's investigation, security researchers at The Citizen Lab found evidence that Russian authorities broke into the iPhone of Andrey Pivovarov—a prominent political dissident and opposition politician—using technology made by Cellebrite, the forensics firm headquartered in Israel with offices in Virginia.
Cellebrite had publicly announced just three months earlier, in March 2021, that it would immediately stop selling to Russian government customers.
Researchers discovered the hack occurred in June 2021, months after Cellebrite claimed it could remotely brick devices sold to Russia and block software updates. Pivovarov's phone remained active. The company's website stated it could "stop the device from functioning" for sanctioned customers—but the evidence indicates otherwise.
Once powerful hacking tools reach a customer's hands, retrieving them is nearly impossible. The technology proliferates, gets weaponized, and continues to be abused long after the maker severs the commercial relationship.
Israeli human rights lawyer Eitay Mack, who has spent years scrutinizing surveillance companies like Cellebrite and NSO Group (the Pegasus spyware makers), said: "It's not surprising, and [it] is the result of the policies of Cellebrite." He points out that revoking a software license does not stop former customers from continuing to abuse the technology.
The case raises uncomfortable questions for any Western tech company selling to governments: can you really control what happens to your tools once they are deployed? Cellebrite's failure to actually disconnect Russia suggests the answer is no.
