Spyware startup Variston may be shutting down
"Spyware startup Variston is losing staff — some say it’s closing" 15 February 2024
...[I]n November 2022, Google’s Threat Analysis Group, the company’s team that investigates government-backed threats, published a blog post analyzing those exploits and the Heliconia framework. Google’s researchers concluded that the code belonged to Variston, a Barcelona-based startup that was unknown to the public.
“It was a huge crisis at the time, mainly because we had stayed under the radar for quite a while,” a former Variston employee told TechCrunch. “Everyone believed that in the end we’d be exposed by being caught [in the wild], but it was a leaker instead.”
Another former Variston employee said that the code was sent to Google by a disgruntled company employee and that after it happened, Variston’s name and secrecy were “burned.”..
...In March 2023, the tech giant’s researchers found that spyware made by Variston was used in the United Arab Emirates. Last week, Google reported that it found Variston hacking tools used against iPhone owners in Indonesia.
In the past year, more than half a dozen Variston employees have left the company, they told TechCrunch on the condition of anonymity, as they were not authorized to speak to the press because of nondisclosure agreements.
Now, according to four former employees and two people with knowledge of the spyware market, Variston is shutting down...
...According to Spanish business records seen by TechCrunch, Variston was founded in Barcelona in 2018, listing Ralf Wegener and Ramanan Jayaraman as the founders and directors....Neither Wegener nor Jayaraman responded to multiple emails from TechCrunch requesting comment about Variston. An email to Variston’s public email address went unreturned...
...According to the former Variston employees, this level of secrecy also applied to the identity of the company’s customers — except for its special relationship with Protect, a company based in the United Arab Emirates city of Abu Dhabi. “Variston was a supplier of Protect,” said a person with knowledge of Protect’s operations, who asked to remain anonymous because they were not authorized to speak to the press. “It was an important relationship for both for a while.” The company’s work “was going to the UAE,” and that Protect was “de facto the only customer,” according to former Variston employees...
...As of 2019, Protect was headed by Awad Al Shamsi and was providing “UAE government users with discreet access to foreign cyber technology,” reported Intelligence Online. It’s not known if Al Shamsi is still at Protect, and Al Shamsi did not respond to an email requesting comment. Protect did not respond to several other emails from TechCrunch...
...Wegener is a veteran of the spyware industry. According to Intelligence Online, Wegener runs several other companies, some based in Cyprus and also co-owned by Jayaraman. Wegener used to work at AGT, or Advanced German Technology, a surveillance provider founded in Berlin in 2001 with an office in Dubai. In 2007, along with Italian spyware maker RCS Lab, AGT worked with the Syrian government to develop a centralized real-time country-wide internet monitoring system, according to news reports based on leaked documents and research by nonprofit Privacy International. Eventually, AGT did not provide the system to the Syrian government...