Smartphone Spyware Used for Illegal Wiretapping in Romania

Fifty people arrested

  Fifty people arrested in Romania for using spyware to intercept mobile communications
2 photosVIEW ALL 
Romanian authorities arrested 50 individuals for using a special mobile-phone program to spy on their spouses, business partners or the competition. The spyware was able to steal call logs, e-mails, SMS messages or GPS data from smartphones and allowed attackers to eavesdrop on active phone calls and private discussions held in the vicinity of the device.

On Wednesday, the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), with the help of special police units carried out a major operation involving simultaneous raids at 53 private residences spread across the country. Authorities detained a total of 80 people, of whom 50 were charged for unauthorized telecommunications surveillance that violated national security legislation.

Police also arrested Dan Nicolae Oproiu, 30, of Deva, Hunedoara, an IT specialist who sold the surveillance program through a variety of websites. According to DIICOT, the spyware application was available for Symbian, Windows Mobile, iPhone OS and BlackBerry OS and came in three versions - Light, Pro and ProXRecorder, which differed in features.

Local media reports that Oproiu made his offer known through spam and sold licenses for one, two or six months, depending on the needs of his clients. The cheapest variant is said to have cost around 160 euros ($203), while the full-option one 475 euro ($580).

Even though the program was not named by authorities and other sources speculated that it was of Thai origin, following our own investigation, we're pretty confident that Oproiu was a reseller for a program called FlexiSPY. This "spyphone software" is produced by a company based in Seychelles and has been known since at least early 2006. It comes in LIGHT, PRO and PRO-X variants and it also looks like Oproiu added over 50 euros to the original price of each version.

Once installed on a phone, the most complete FlexiSPY variant is able to read SMS messages, emails, call logs and GPS locations and upload the captured data to an online server, where it can be viewed by the spy. It also allows the compromised phone to be used as a listening device. When receiving a call from a predefined number, the phone will answer automatically, allowing the caller to eavesdrop on anything going on in the surrounding environment.

The PRO-X version also gives an attacker the ability to listen in on actual phone calls in progress. A complementary software package called FlexiRECORD, which is sold separately, allows the recording of calls automatically from a Windows computer. The audio files are stored in MP3 format and can be played back at a later date. All FlexiSPY versions detect SIM card changes and reconfigure themselves accordingly. The software can also be controlled remotely by sending commands via SMS to the compromised phones.

Most of Oproiu's clients who were arrested two days ago did not have a criminal background and many were members of the so-called upper class. The list includes several businessmen, doctors, engineers, as well as a government official, a former member of the Parliament, a police officer, a prosecutor and even a judge. There are also strong indications that the software was also unlawfully used by several detective agencies and private investigators.

The prosecutors said that physical access to the target phone was needed to install the software. This operation required anywhere from three to 15 minutes, depending on the operating system of the device. Installing it on the phone of one's lover or spouse was easy, but, to target other people, the attackers preloaded the phones with the spyware and gave them away as gifts. There is no evidence that any of the captured pieces of information was used for blackmail.

Even though the company producing FlexiSPY claims its software is legal, some antivirus vendors, like F-Secure, detect it as a trojan. It's worth noting that one of the very few examples of legit use for such a program is when a parent installs it on the phone of their minor child.

Of course, jealous individuals have been spying on their partners since forever, but people should know that there are legal limitations to such acts. In most countries, the right to private communications is protected by law. For example, Article 28 of the Romanian Constitution reads, "The secrecy of letters, telegrams, and other postal communications, of telephone conversations, and of any other legal means of communication is inviolable."

If you are a smartphone owner who doubts the utility of an antivirus program for your device, you might want to reconsider that position, because you never know who might be interested in your conversations. Last July, the largest mobile carrier in the United Arab Emirates, Etisalat, distributed similar spyware to its BlackBerry customers, under the cover of an official software update.

You can follow the editor on Twitter
@lconstantin

Photo Gallery (2 Images)

Gallery Image
01
Gallery Image
02

2 Comments

By    4 Jun 2010, 10:11 GMT