A shocking exposé by Russian software developer Kirill Parubets reveals how Moscow’s Federal Security Service (FSB) infects devices with spyware.
The developer, who is a Ukrainian activist, claims he was arrested in the capital, where FSB officers installed spyware on his Android mobile phone. It is one of those sad stories that remind us that authorities with physical access to a device can take advantage of it to monitor and intimidate people.
Detained, Threatened, and Coerced
In April 2024, six armed FSB agents stormed Parubets’ apartment in Moscow, where they questioned him about the financial assistance he had sent to Ukraine. Threatening him with imprisonment, the agents compelled Parubets to unlock his Android phone, according to TechCrunch.
The FSB detained Parubets and his wife afterward, supposedly threatening and beating him. The programmer called it a “terrifying and traumatic ordeal.”
Parubets claimed that the FSB required him to spy on a friend, code-named “Ivan Ivanov,” whom they suspected of having connections with Ukraine’s Special Services. He was afraid for his life and his wife’s, so he pretended to agree but made plans to escape.
Detection of the Spyware
After being released on May 3, 2024, Parubets collected his belongings, which included his Android phone. Shortly thereafter, he noticed a strange notification: “Arm cortex vx3 synchronization.”
The phone rebooted. With his expertise in cybersecurity, he quickly detected a suspicious application masquerading as the authentic Cube Call Recorder application.
Seeking aid, Parubets approached the First Department, a legal aid service, which in turn commissioned Citizen Lab, a cyber watchdog.
They analyzed the app and established that it was indeed sophisticated spyware that could access all personal data, record video, read messages, and trace location—all permissions the original Cube Call Recorder does not demand.
A New Version of Monokle Spyware
Citizen Lab traced the spyware back to an updated variant of Monokle, malware developed by Russia’s Special Technology Centre, which was previously sanctioned for aiding government surveillance. It is an example of high-end spyware that has been professionally developed over years, and it underlines the danger of physical access to a device.
As researcher Cooper Quintin pointed out, the spyware is a reminder that threats to device security do not come only from remote hacking. Physical confiscation and coercion, as happened in the case of Parubets, are equally powerful methods.
Implications for High-Risk Individuals
First Department member Dmitry Zair-Bek warned that such tactics would become even more widespread. “The scale of repression is terrifying,” he said, referring to the heightened risks for Ukrainians and Western visitors in Russia. He advised against trusting devices that have been confiscated by security services.
Parubets and his wife successfully escaped Russia, leaving behind the compromised phone as a measure to delay their escape. His experience shows that even an established programmer can have his device compromised by a government that is determined to do so.
Protect Yourself from Spyware
Do these things to protect yourself from spyware:
Parubets’s story is a hard dose of reality: it shows the extreme measures oppressive regimes are willing to take to monitor and suppress dissent. As technology advances, so must vigilance against misuse.