Cellebrite Said It Cut Off Russia. Evidence Shows Its Tools Were Used Anyway.

Russian investigators hacked the phone of opposition politician and human rights activist Andrey Pivovarov using technology from Israeli digital forensics firm Cellebrite, despite the company’s public claim that it had severed ties with Russian government agencies.

The incident, documented by researchers at the Citizen Lab at the University of Toronto, underscores how little control surveillance-technology vendors may have once their products are deployed inside state security services.

Cellebrite, which sells phone-unlocking hardware and software to law enforcement and security agencies worldwide, had announced it would halt all sales and services to Russia and terminate existing licenses. The company has said that once it cuts off a government customer, it can remotely stop devices from functioning or receiving updates.

Yet Citizen Lab says a Russian investigative unit used Cellebrite’s UFED phone-hacking system to break into Pivovarov’s iPhone while he was in custody. Forensic traces on the device, along with a Russian court document from his prosecution, describe the use of UFED to extract WhatsApp and Telegram messages and to search for political keywords and the names of opposition figures.

Cellebrite’s chief marketing officer told Citizen Lab that any use of its legacy hardware in Russia after the announced cutoff was “entirely unauthorized.” The company did not answer detailed questions about how its tools could still be operating in Russian hands or whether it had attempted to remotely disable them.

Human rights lawyer Eitay Mack, who has long campaigned against commercial surveillance vendors, said the case illustrates the limits of simply ending contracts or revoking licenses. Once powerful extraction tools are delivered, he argued, former customers can continue to use them unless the vendor enforces robust technical kill switches and demands that equipment be dismantled.

Citizen Lab senior researcher John Scott-Railton has urged Cellebrite to go further by remotely disabling tools after credible reports of abuse and embedding cryptographically signed watermarks in every extraction. Such fingerprints would allow investigators to trace which specific device was used in a given operation, reducing what he calls the “era of plausible deniability.”

The Pivovarov case adds Russia to a growing list of countries where Cellebrite technology has allegedly been used against dissidents, journalists, and activists, raising broader questions about whether Western surveillance firms can meaningfully police the downstream use of their products once they enter repressive security apparatuses.
