Serbia’s Spyware Scandal: NoviSpy Strikes Androids with Qualcomm Flaw Exploits
The Serbian government turned Qualcomm zero-days into their secret weapon, NoviSpy, to snoop on activists and journalists. Google and Amnesty International uncovered the plot, revealing a real-life spy thriller with a tech twist. Qualcomm’s vulnerabilities became the unintentional accomplices in this Android espionage saga.
Hot Take:
Welcome to the 21st century, where governments are now playing James Bond with a side of Android hacking. The Serbian authorities have taken a page from the spy thriller playbook, but instead of a suave secret agent, we get a zero-day exploit and some poor journalists’ compromised smartphones. All this, courtesy of our pals at Qualcomm and a sprinkle of zero-click magic. I guess the Serbian government missed the memo that this isn’t a video game, and you shouldn’t use cheat codes in real life.
Key Points:
- Serbian government uses Qualcomm zero-days to deploy NoviSpy spyware on Android devices.
- Exploits discovered by Amnesty International’s Security Lab after analyzing compromised phones.
- NoviSpy targets journalists, activists, and protestors, with hundreds of devices potentially affected.
- Google Project Zero identifies six vulnerabilities in Qualcomm’s DSP driver, with only some patched.
- Qualcomm acknowledges vulnerabilities, promises fixes, and emphasizes security updates.