Firm accused of selling spyware to Turkey files for insolvency amid investigation

A company accused by German authorities of supplying authoritarian countries such as Turkey, Egypt and Myanmar with trojan software that could be used to eavesdrop on dissidents has shut down operations and filed for insolvency, Turkish Minute reported, citing the Bloomberg news website.

FinFisher GmbH sold spyware to law enforcement and intelligence agencies that allows users to access address books, chat messages, photographs and videos on targeted smartphones as well as listen in on telephone conversations.

Human rights groups accused the company of providing the technology to authoritarian governments that used it to target activists and journalists.

In 2020, after a criminal complaint filed by several NGOs, German police carried out raids on 15 properties with links to the Munich-based surveillance software firm over allegations that the firm illegally exported trojan software known as FinSpy to various countries including Turkey.

The software is allegedly used in Turkey to spy on opposition politicians and activists.

In early February the Munich-based FinFisher and two related firms — FinFisher Labs GmbH and raedarius m8 GmbH — filed for insolvency, Bloomberg said, citing the German insolvency administrator JAFFÉ Rechtsanwälte Insolvenzverwalter.

A spokesperson for the public prosecutor’s office in Munich told Bloomberg that insolvency has had an impact on the ongoing probe. An order by the prosecutor’s office to seize FinFisher assets is no longer possible due to the insolvency, the spokesperson was quoted as saying.

German news website Netzpolitik, which was was one of the organizations involved in bringing the criminal complaint against FinFisher, previously reported the news of FinFisher’s insolvency.

Spyware infected Turkish dissidents’ devices through fake website

According to a 2018 report by a group named Access Now, which defends the digital rights of users at risk around the world, a fake website targeted supporters of the main opposition Republican People’s Party (CHP) during three weeks of protests in July 2017 organized by the party against Turkish President Recep Tayyip Erdoğan.

Erdoğan is criticized for establishing one-man rule in the country, where dissent is suppressed and opponents are jailed on politically motivated charges.

The fake website, which was made to look like a platform of the organizers of the protests, was designed to persuade visitors to install a smartphone application. The application was a disguise for the FinSpy software, according to the Access Now report.

To avoid misuse, strict laws govern how surveillance software can be exported in Germany, where such products must be approved for export by the Federal Office of Economics and Export Control (BAFA), part of the Economy Ministry.

According to an analysis of its source code by Access Now, FinSpy was written in 2016, and Germany’s Economy Ministry has issued no new permits for spyware since 2015. The NGOs, therefore, argue that the software must have been exported without a permit.

According to a 2021 report, Finfisher’s Finspy was being used in 34 countries.

Take a second to support Stockholm Center for Freedom on Patreon!