Surveillance firm pays $1 million fine after 'spy van' scandal:
The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca.
While this is just an administrative fine under the European Union's General Data Protection Regulation (GDPR), it is related to a scandal two years ago widely publicized as the "spy van" case.
In 2019, a Chevrolet van packed with at least $3.5 million worth of equipment that could hack Android smartphones and steal data including WhatsApp and Signal messages, was stationed near the Larnaca airport.
The van had been in the area for months when politicians in Cyprus criticized the government for being passive about the activity of the vehicle after seeing its capabilities in action close to the airport in a video from Forbes.
In a press release today, the data protection watchdog in Cyprus announced that WiSpear paid an administrative fine of 925,000 euros for GDPR violations.
(Score: 0) by Anonymous Coward on Monday November 15 2021, @11:41PM (3 children)
https://www.nasa.gov/image-feature/mocha-swirls-in-jupiter-s-turbulent-atmosphere [nasa.gov]
(Score: 0) by Anonymous Coward on Monday November 15 2021, @11:44PM (2 children)
errr wrong article lol
(Score: 1) by Frigatebird on Monday November 15 2021, @11:50PM (1 child)
Was going for the NSA link, and linked to the up-link instead!
(Score: 0) by Anonymous Coward on Tuesday November 16 2021, @11:43AM
to "the van" or from it, and do we need to be near the airport for it to look lke more than a pic of jupiter, huh NaSA operator?
(Score: 4, Insightful) by looorg on Monday November 15 2021, @11:42PM (3 children)
Is there more then one van? The one here is mentioned to contain equipment worth $3.5 million, in the article there is a $9 million dollar van. Not quite sure if they are the same van or different vans. Anyhow if you equip a van (or two) with that kind of equipment you can be sure that they made their money back and/or more so then a fine of €925k (or about $1 million) is nothing but the cost of doing business. Size wise nothing but a slap on the wrist.
Suuuuure.
Coolest backstory ever.
(Score: 3, Interesting) by Some call me Tim on Tuesday November 16 2021, @02:04AM (1 child)
I've got a $4.00 can of metallic spray paint for the antennas that just rendered your $3.5 million dollars worth of equipment useless. If that doesn't work I can always go to the bananas in the tail pipe.
Questioning science is how you do science!
(Score: 3, Insightful) by epitaxial on Tuesday November 16 2021, @03:28AM
I was thinking a molotov would work better.
(Score: 2) by mhajicek on Tuesday November 16 2021, @09:12AM
The van and it's contents are implements of criminal activity, and should be forfeited.
The spacelike surfaces of time foliations can have a cusp at the surface of discontinuity. - P. Hajicek
(Score: 3, Interesting) by bloodnok on Tuesday November 16 2021, @01:39AM (9 children)
Signal messages? How?
Anyone have any idea? I thought Signal was supposed to be proof against this sort of thing.
Anyone?
__
The major
(Score: 2) by bmimatt on Tuesday November 16 2021, @01:50AM
Came here to get an answer to that question as well.
Could someone well versed in the subject shed some light on how that's possible, please?
(Score: 2) by NateMich on Tuesday November 16 2021, @01:59AM
Is that a joke? Nothing is proof against that sort of thing.
(Score: 3, Insightful) by Anonymous Coward on Tuesday November 16 2021, @02:49AM (6 children)
If the smartphone is hacked, the end-to-end encryption don't do jack.
(Score: 1) by nekomata on Tuesday November 16 2021, @10:59AM (4 children)
The way I read the blurp is sounds like they intercepted traffic (or rather re-routed the smartphones through their own system). This still sucks, but should not make reading WhatsApp and Signal messages possible (SMS on the other hand...).
(Score: 0) by Anonymous Coward on Tuesday November 16 2021, @03:13PM (3 children)
Think again: https://comsec.ethz.ch/research/dram/blacksmith/ [comsec.ethz.ch]
(Score: 2) by PiMuNu on Tuesday November 16 2021, @04:37PM (2 children)
How can this be applied to a passive (listening device)?
(Score: 0) by Anonymous Coward on Tuesday November 16 2021, @05:24PM (1 child)
Because it's probably actually just a stingray or related technology with plenty of capability to MITM wireless traffic?
(Score: 2) by looorg on Tuesday November 16 2021, @09:55PM
This is what I'm thinking, this is a Stingray or Pineapple device of sorts that overpower all other signals and force people to connect to it and from there on end it's just game over as all traffic will be going thru it.
They even more or less state it as their back/cover story that this was a test to provide super fast wifi to all the people waiting at the airport. It would/should be trivial from there on to create a MITM attack on them no matter what.
(Score: 3, Insightful) by nekomata on Tuesday November 16 2021, @11:01AM
Actually upon further investigation, they based the interception on WiFi. And also compromised devices.
> At the time, WiSpear was registered in Limassol, Cyprus. Headed by Dilian, a former career officer in the Israel Defense Forces (IDF), the company specialized in providing end-to-end WiFi interception and security solutions.
>The equipment in the truck, Brewster writes, consisted of surveillance kits and antennas that could trace, compromise, and exfiltrate content from a mobile device, including chats (Facebook, WhatsApp), texts, calls, or contacts.