AMD fixes dozens of Windows 10 graphics driver security bugs
Void Balaur hackers-for-hire sell stolen mailboxes and private data
Russian ‘King of Fraud’ sentenced to 10 years for Methbot scheme
Windows 10 App Installer abused in BazarLoader malware attacks
Master the cloud with this pre-Black Friday deal on AWS training
FBI system hacked to email ‘urgent’ warning about fake cyberattacks
Fake end-to-end encrypted chat app distributes Android spyware
Surveillance firm pays $1 million fine after ‘spy van’ scandal
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
Surveillance firm’s 'spy van' scandal ends with $1 million GDPR fine
The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca.
While this is just an administrative fine under the European Union’s General Data Protection Regulation (GDPR), it is related to a scandal two years ago widely publicized as the “spy van” case.
In 2019, a Chevrolet van packed with at least $3.5 million worth of equipment that could hack Android smartphones and steal data including WhatsApp and Signal messages, was stationed near the Larnaca airport.
The van had been in the area for months when politicians in Cyprus criticized the government for being passive about the activity of the vehicle after seeing its capabilities in action close to the airport in a video from Forbes.
In a press release today, the data protection watchdog in Cyprus announced that WiSpear paid an administrative fine of 925,000 euros for GDPR violations.
Irene Nicolaidou, the Commissioner for the Protection of Personal Data in Cyprus said that WiSpear’s van collected the Media Access Control (MAC) address and International Mobile Subscriber Identity (IMSI) of multiple devices.
A MAC address is a unique device identifier on a network, including the internet; the IMSI is a 15-digit number that mobile providers assign to terminals in a cellular network. Both can be used to identify and track individuals.
Collecting this data was part of “tests and presentations of technologies” from the company, which constituted mitigating factors, said Nicolaidou, adding that an investigation found that “no device monitoring or interception of any private communication” occurred.
When the “spy van” scandal broke in 2019, local media said that the Cyprus police seized the vehicle in mid-November and started an investigation months after Forbes journalist Thomas Brewster published a story about Tal Dilian, the owner of the van and CEO of WiSpear.
At the time, WiSpear was registered in Limassol, Cyprus. Headed by Dilian, a former career officer in the Israel Defense Forces (IDF), the company specialized in providing end-to-end WiFi interception and security solutions.
The equipment in the truck, Brewster writes, consisted of surveillance kits and antennas that could trace, compromise, and exfiltrate content from a mobile device, including chats (Facebook, WhatsApp), texts, calls, or contacts.
Depending on the surveillance power fitted in, Dilian’s truck could cost as much as $9 million.
Upon seizing the “spy van,” the police also arrested three WiSpear employees, Cyprus nationals, on 13 charges ranging from violation of privacy laws to processing private data, and breaking radio communications legal provisions.
They were later released as there was no justification for detaining them. At a term on October 9, one of them 
In statements about the arrests, WiSpear said that its employees were innocent and were installing a WiFi system at Larnaca airport as part of an agreement with operator Hermes Airports, FinancialMirror reports.
“Nine antennas of innovative technology out of which, three were installed in phase 1 to be tested as long-range Wi-Fi access point for visitors and tourists to enjoy high quality and high-speed internet access.”
However, the then-leader of the AKEL party claimed to have “extremely alarming” information about individuals related to the “spy van” case.
Between 1998 and 2002, Dilan was a commander of an independent service of the IDF called Unit 81 – for a long time a secretive technological division that specialized in building the most advanced technology for Israeli combat soldiers and spies.
Before WiSpear, Dilal founded Circles, the surveillance company that merged with NSO, the makers of the Pegasus spyware. Currently, he is running Intellexa, a company providing cyber-intelligence to law enforcement and intelligence agencies.
Bipartisan Coalition Bill Introduced to Reform NSA Surveillance
Researcher cracked 70% of WiFi networks sampled in Tel Aviv
FinFisher malware hijacks Windows Boot Manager with UEFI bootkit
QNAP fixes critical bugs in QVR video surveillance solution
Former U.S. intel operatives to pay $1.6M for hacking for foreign govt
Not a member yet? Register Now
Costco discloses data breach after finding credit card skimmer
Zero-day bug in all Windows versions gets free unofficial patch
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

The Week in Ransomware – December 17th 2021 – Enter Log4j

TellYouThePass ransomware revived in Linux, Windows Log4j attacksCredit card info of 1.8…

NUCLEUS:13 TCP security bugs impact critical healthcare devices

State hackers breach defense, energy, healthcare orgs worldwideMediaMarkt hit by Hive ransomware,…

Phishing attacks impersonate Pfizer in fake requests for quotation

Microsoft warns of easy Windows domain takeover via Active Directory bugsUK govt…

Cox discloses data breach after hacker impersonates support agent

Emotet now drops Cobalt Strike, fast forwards ransomware attacksSonicWall ‘strongly urges’ customers…