In a troubling revelation for digital rights advocates, security researchers have found evidence that Russian authorities used a phone-unlocking device made by Israeli firm Cellebrite to hack the iPhone of a political opponent — despite the company's public pledge to stop selling to the Russian government. The findings, reported by TechCrunch and corroborated by other outlets, are the latest in a series of incidents that expose the gap between corporate promises and actual enforcement of export controls on surveillance technology.

How Cellebrite's Tools Ended Up in Russian Hands

Cellebrite, a Israeli digital intelligence company known for its phone-cracking devices used by law enforcement worldwide, announced in March 2022 that it would suspend sales to Russia following the invasion of Ukraine. However, new evidence obtained by security researchers shows that Russian authorities accessed Cellebrite's UFED (Universal Forensic Extraction Device) to extract data from the iPhone of a political opponent. The device, which can bypass encryption and unlock phones, was reportedly used in a forensic examination that yielded sensitive information.

The findings raise serious questions about Cellebrite's ability to control the distribution and use of its products after the initial sale. "Once these tools are in the field, it's nearly impossible for a company to ensure they aren't being transferred or resold to prohibited end users," said a cybersecurity expert who spoke on condition of anonymity.

Broader Pattern: Chinese Police Also Acquired Cellebrite Devices

This is not an isolated incident. An investigation by The Intercept revealed that Chinese police continued to buy Cellebrite phone crackers even after the company said it had ended sales to China. The report found that Chinese law enforcement agencies obtained the devices through third-party distributors, circumventing Cellebrite's stated policy. The company had previously claimed it halted sales to China in 2020 due to human rights concerns, but procurement records show purchases as recently as 2023.

"The Chinese case shows a systemic failure in Cellebrite's compliance mechanisms," noted a researcher from the Pulitzer Center, which has extensively covered the use of surveillance technology in authoritarian states. "Companies like Cellebrite must implement robust end-user verification and post-sale monitoring, but profit motives often undermine these efforts."

Wider Implications for Activists and Dissidents

The use of Cellebrite's tools by repressive regimes has direct consequences for human rights defenders. In Russia, the hacked iPhone belonged to a political opponent of the Kremlin, whose data could be used for intimidation or prosecution. Similarly, in China, the devices have been linked to predictive policing programs that target ethnic minorities and activists, as reported by the Pulitzer Center.

"Israeli spyware is endangering activists across the globe," wrote In These Times in a related feature. The article highlighted how Cellebrite's technology, along with other Israeli surveillance firms like NSO Group, has been deployed against journalists, lawyers, and opposition figures in countries with poor human rights records.

Industry Response and Regulatory Gaps

Cellebrite has not publicly commented on the latest findings, but the company maintains that it complies with all applicable export laws and has strict policies against misuse. However, critics argue that self-regulation is insufficient. "The Israeli government has a responsibility to enforce export controls on dual-use technologies," said a policy analyst at a digital rights organization. "But without independent oversight, companies can make promises they don't keep."

The revelations come amid broader scrutiny of the surveillance industry. In the United States, lawmakers have proposed legislation to tighten controls on the export of hacking tools. Meanwhile, the European Union is considering new regulations that would require companies to conduct human rights due diligence before selling surveillance technology.

What This Means for the Future

As digital surveillance becomes increasingly sophisticated, the gap between corporate ethics and real-world use continues to widen. The Cellebrite cases in Russia and China are stark reminders that technology designed for legitimate law enforcement can easily be repurposed for repression. For activists and dissidents, the message is clear: even when companies say they have cut off sales, the tools may still find their way into the hands of those who seek to silence them.

Moving forward, experts call for greater transparency, independent auditing, and stronger international cooperation to prevent the misuse of surveillance technology. Until then, the promises of companies like Cellebrite will remain just that — promises.