A programmer claims Russian security services installed spyware on his Android phone after detaining him in Moscow. Security researchers confirmed the presence of spyware, likely installed during the detention when authorities had physical access to his phone and forced him to disclose his passcode.
The programmer, Kirill Parubets, a Russian systems analyst with Ukrainian heritage and political activist, had traveled to Russia to handle paperwork related to obtaining Moldovan citizenship. During a raid on his apartment, armed FSB agents seized his phone and demanded his password.
Following his arrest and detention, Parubets was pressured to spy on a friend and threatened with life imprisonment. After his release, he discovered a suspicious app on his phone, which security researchers identified as a trojanized version of a legitimate call recorder app. This app granted extensive access to his personal data, including location, messages, and camera functions.
The spyware is believed to be a new version of Monokle, malware previously linked to a Russian government-affiliated company.