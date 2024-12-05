Expert comment: Alleged FSB Spyware on Russian Programmer’s Android Phone

December 2024 by Ken Westin, Sr. Solutions Engineer, LimaCharlie

"If a device is confiscated by an authoritarian regime, there is a very good chance it has been compromised. When they have physical access to the device it is much easier to compromise, as you are not relying on remote exploitation of the device. There are many more methods to compromise a device when it is connected to a cable. Also, not having to crack the password, as they can get it by intimidating and even beating the target into providing it, makes the process even easier. Many companies have security polices to bring "burner" devices to certain countries for this reason. If a device is confiscated temporarily or left in a hotel room, the likelihood of it being compromised due to spies having physical access increases substantially."