Turkey Using German Spy Software On Opposition Politicians & Activists

Uploaded on 2018-05-23 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

Opposition protesters in Turkey were reportedly deceived into downloading a spy app made by a German firm despite Germany having previously vowed to block exports of spy software to authoritarian countries.

The Turkish government used a German-made spy program to infiltrate the smartphones of Turkish opposition members, according to a report seen by German media. 

Germany has strict rules for exporting spy software and has in the past vowed to block exports to authoritarian countries.

What we Know so far:
German daily newspaper Süddeutsche Zeitung and public broadcasters NDR and WDR reported the news based on a study by the digital rights group Access Now. Access Now found evidence that Turkish officials had used the program "Finspy" by Finfisher, a German company headquartered in Munich, to spy on members of the opposition party CHP.

The software was primarily used during a three-week protest against Turkish President Recep Erdogan organized by CHP leader Kemal Kilicdaroglu in July 2017. Fake Twitter accounts posted links to websites that promised to inform protesters about the demonstration if they downloaded a smartphone app.

The app included Finspy software and allowed the government to gain real-time access to the smartphone owners contacts, photos and videos.

A security expert at Germany's University of Bochum independently analyzed the software and told the Süddeutsche Zeitung newspaper and regional broadcasters NDR and WDR that "it appeared to be a newer version" of previous Finspy software.

What were the Reactions?
Responding to a question by the three media outlets, the German Economy Ministry said it had not approved any export licenses for spy software since October 2014.  FinFisher refused to comment on the story after being contacted by Süddeutsche Zeitung, NDR and WDR.

The Germany director for Human Rights Watch, Wenzel Michalski, wrote on Twitter: "This [news] would mean there are holes in our export regulations. This must be investigated immediately." Green lawmaker Konstantin von Notz wrote on Twitter: "Turkish spy attacks on the opposition with technology that was created with German tax money and should never have been exported?! The #GroKo [German coalition government] must urgently clarify [the situation] and prevent something like this from happening in the future."

Germany's export policy: The same three media outlets reported in 2014 that then-Economy Minister Sigmar Gabriel wanted to stop exports of spy software to authoritarian governments. Gabriel was quoted as saying: "We want to stop the export of these types of technologies to countries that suppress civil rights movements and that do not accept basic human rights."

What is Finfisher? The company works exclusively with governments to provide police and intelligence software. On its website, it says its mission is "to provide first-class cyber solutions and knowledge for successful operations against organised crime."

DW

You Might Also Read: 

Some Notes About Wassenaar:

Snowden’s Haven - A New Surveillance App:

Biter Bitten: The Hacking Team Hit by Breach:
 

« Meet Tess: The Mental Health Chatbot
Facebook Suspends Hundreds Of Apps »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

Indeed

Indeed

Indeed is a worldwide employment-related search engine for job listings covering job types in all industries, including cybersecurity.

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.

Deloitte Denmark

Deloitte Denmark

Swift incident management, worldwide support, and advanced defense strategies ensure comprehensive recovery and enterprise security with our IR service.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.

Harness

Harness

Harness delivers an end-to-end software delivery platform that helps engineering teams achieve the highest levels of engineering excellence.