Let’s keep it a buck from the jump: when these massive tech corporations run to the media talking about how they’re doing the "right thing" and cutting ties with shady governments, you better check the fine print. Because most of the time, it’s just a front to keep their stock price up while they leave the back door wide open. A wild new report from the Citizen Lab crew over at the University of Toronto just proved that Russian authorities used high-tech phone-cracking tools made by the Israeli company Cellebrite to bust into a political prisoner’s phone. And they did this months after Cellebrite claimed they completely canceled their contracts and washed their hands of Russia.

The victim in this situation was a man named Andrei Pivovarov, who was running a pro-democracy group called Open Russia. The Russian feds locked him up back in May 2021, and he ended up doing more than three years in the pen before he was finally let loose in a massive prisoner swap that also got Wall Street Journal reporter Evan Gershkovich out of the country. But while Pivovarov was sitting in a cell, the authorities were busy stripping his phone down to the bone using Cellebrite’s forensic tech.

We aren't talking about them just guessing his passcode either. The feds went deep into his device and extracted his entire life—his contact lists, his personal photos, and all his private chats on WhatsApp and Viber. The Russian state prosecution didn't even try to hide it; they put all the extracted data right into the official court documents and handed them over to Pivovarov during his trial to build their criminal case against him.

Pivovarov called the whole thing a straight-up violation of his privacy, and no cap, it put his entire crew in serious danger. As soon as the feds got their hands on his contact list, they started looking for other people to lock up. Because of that, several of Pivovarov’s colleagues had to pack up their bags and skip town immediately. To make it even worse, Citizen Lab found out that some of the people in Pivovarov’s contacts were later targeted by Coldriver, which is a hacking group linked directly to Russian state intelligence.

Citizen Lab said they are "highly confident" that Cellebrite’s tools were used in the hack. And they got the receipts to prove it because the official paperwork from the Russian prosecution literally spells out the forensic methods they used. This completely blows up Cellebrite’s public story from early 2021, when they claimed they were stopping all sales and services to Russia and Belarus.