← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Android Zero-Day Exploited in Spyware Campaigns, Amnesty International Points to Cellebrite
In February 2024, Slaviša Milanov, an independent journalist from Dimitrovgrad in Serbia who covers local
interest news stories, was brought into a police station after a seemingly routine traffic stop.
After Slaviša was released, he noticed that his phone, which he had left at the police station reception at the
request of the officers, was acting strangely – the data and wi-fi settings were turned off. Aware that this can
be a sign of hacking, and mindful of the surveillance threats facing journalists in Serbia, Slaviša contacted
Amnesty International’s Security Lab to request an analysis of his phone.
Indicators of Compromise (19)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 99d2c67afe21e2eed4606ea7ebaa1b3e | MD5 of 54ee2c4f3e2396b6f92def135d68abd35d63ca7f9c304633a36f705ba4728cb7 | 2024-12-20 | |
| FileHash-MD5 | d34d318528e55a33c8c19e2222521b84 | MD5 of d55e492d5fce87898e065572a5553d1ac1389cd12bf3d28cabc1218cb29780af | 2024-12-20 | |
| FileHash-SHA1 | 5c431199dc6f56c45eea8f2f982ea83442b38134 | SHA1 of 54ee2c4f3e2396b6f92def135d68abd35d63ca7f9c304633a36f705ba4728cb7 | 2024-12-20 | |
| FileHash-SHA1 | b276a840310e7576c57fad69c37de7e1ae6e2abe | SHA1 of d55e492d5fce87898e065572a5553d1ac1389cd12bf3d28cabc1218cb29780af | 2024-12-20 | |
| FileHash-SHA256 | 087fc1217c897033425fe7f1f12b913cd48918c875e99c25bdb9e1ffcf80f57e | — | 2024-12-20 | |
| FileHash-SHA256 | 54ee2c4f3e2396b6f92def135d68abd35d63ca7f9c304633a36f705ba4728cb7 | — | 2024-12-20 | |
| FileHash-SHA256 | 99673ce7f10e938ed73ed4a99930fbd6499983caa7a2c1b9e3f0e0bb0a5df602 | — | 2024-12-20 | |
| FileHash-SHA256 | d55e492d5fce87898e065572a5553d1ac1389cd12bf3d28cabc1218cb29780af | — | 2024-12-20 | |
| domain | bitlyrs.com | — | 2024-12-20 | |
| domain | bumabara.bid | — | 2024-12-20 | |
| domain | cellconn.net | — | 2024-12-20 | |
| domain | danas.bid | — | 2024-12-20 | |
| domain | kormoran.bid | — | 2024-12-20 | |
| domain | novosti.bid | — | 2024-12-20 | |
| domain | politika.bid | — | 2024-12-20 | |
| domain | prmopromo.com | — | 2024-12-20 | |
| domain | supportset.net | — | 2024-12-20 | |
| domain | svetovid.bid | — | 2024-12-20 | |
| domain | telenorconn.com | — | 2024-12-20 |