New leak exposes shady world of ‘Stalkerware’ surveillance software
Monitoring software FlexiSPY, marketed at paranoid partners attempting to catch their other halves cheating, may have been provided to governments in countries including Turkey, Saudi Arabia and Bahrain according to a new leak.
Documents leaked to Motherboard, allegedly sourced from inside the organization, show the extent of FlexiSPY’s use and profitability.
The controversial software, built by a small company based in Thailand and described as “Stalkerware” may have been used in another piece of software built by British-German surveillance company Gamma, according to a 2011 document within the leak, cited by Motherboard.
The document described staff from FlexiSPY as assisting Gamma staff with the installation of the software ‘Cyclops,’ used on Gamma’s own surveillance program known as FinSpy.
Gamma was found to have sold FinSpy to the Bahraini government in 2012. While in 2015, evidence was found to show its use by governments in countries including Egypt, Saudi Arabia, Turkmenistan and Venezuela.
WikiLeaks SpyFiles series claimed FinSpy was used to spy on “journalists, activists and political dissidents.”
READ MORE: Governments spy on journalists with weaponized malware – WikiLeaks
Gamma was found to be in violation of human rights guidelines by the Organization for Economic Co-operation and Development in 2015. FlexiSpy, on the other hand, has continued to provide “Stalkerware” to a growing number of consumers.
"They're basically building illegal software in the Kingdom of Thailand," a former employee of FlexiSPY who wished to remain anonymous told Motherboard.
The software requires the user to gain once-off physical access to their target’s mobile device to install the malware. It then offers them a range of abilities including sending fake text messages, stealing passwords, taking a picture via their camera, monitoring their online use and chats and monitoring their Tinder use.
Israeli malware can hack isolated computers by forcing their LED indicators to blinkhttps://t.co/9GQM6JhAHfpic.twitter.com/slzGnsV2Zz
— RT (@RT_com) February 23, 2017
In 2006, their website read: "Protect your children, catch cheating spouses, the possibilities are endless."
This has since been toned down to “The World’s Most Powerful Monitoring Software for Computers, Mobile Phones and Tablets” detailing that the software can “Protect Children” and “Monitor Employees.”
One 2016 document obtained by Motherboard put FlexiSPY’s monthly revenue at $400,000 with the company priced at $20 million. Founder Atir Raihan is rumored to live a lavish lifestyle, spending much of the year holidaying and partying. His wealth is unknown and he has evaded interview requests thus far.
Speaking to Motherboard, Cindy Southworth from the National Network to End Domestic Violence said she was repulsed by how much profit the company has made through marketing to “abusers to facilitate criminal stalking in the past eleven years."
A presentation in the leak named “offshore” showed that the company’s finances were registered in the Seychelles with Mossack Fonseca, the firm behind the Panama Papers.
FlexiSPY software could have been used by Gamma as part of their reseller program, which allows buyers to sell FlexiSPY’s product labelled as their own, according to Motherboard.
A spreadsheet contained in the leak listed 22 countries where over 40 companies were contacted in regards to their reseller program.
Israel, India, China, Russia and the US are listed in the document. It is not known if these companies purchased FlexiSPY.
One company listed from the US also manufactures a “semen detector” kit for detecting cheating partners.
Following the leak, FlexiSPY’s user logon portal was taken offline. It was reported to be back operating on Saturday.
FlexiSpy's login portal for customers, where they can see info collected by malware, seemingly back online pic.twitter.com/ErnSjYsrQE
— Joseph Cox (@josephfcox) April 22, 2017