Mollitiam Industries, a Spanish spyware company based in Toledo, has closed its doors following financial difficulties. Known for developing powerful surveillance software tools such as Invisible Man and Night Crawler, the company filed for bankruptcy on January 23. The shutdown marks the end of its controversial operations, which involved creating malware capable of extracting sensitive data from macOS and Windows devices. The spyware was designed to infiltrate target devices remotely or via USB, collecting information from messaging apps like Telegram and WhatsApp, and even activating cameras and microphones.
Mollitiam Industries' activities raised significant concerns among privacy advocates and organizations like Amnesty International, which tracked the company's operations. The spyware maker engaged in phishing and social engineering primarily targeting individuals in Spain, Colombia, and Peru. These operations often focused on political opponents, journalists, anti-corruption activists, and those opposing police abuse. The company’s tactics included running fake accounts for testing malicious capabilities and scraping public information, as noted by Meta.
“They also engaged in phishing and social engineering targeted primarily at people in Spain, Colombia and Peru, including the political opposition, journalists, anti-corruption activists and activists against police abuse.” – Meta
The downfall of Mollitiam Industries was first reported by Intelligence Online. Although active until the end of 2023, the company could not withstand its financial struggles. Its demise became evident when Meta removed a network of fake accounts linked to Mollitiam Industries on Facebook and Instagram in early 2024.
Despite its closure, the impact of Mollitiam's software continues to resonate. The spyware was capable of logging keystrokes, stealing passwords, and accessing a wide range of personal data stored on infected devices. An anonymous source detailed the far-reaching capabilities of the malware:
“This tool allows us to do everything: get into any computer, access WhatsApp and Telegram Web calls and conversations, download archived or deleted chat conversations, photos and in general whatever is stored in the memory of the infected machine,” – an anonymous source
Amnesty International was particularly critical of Mollitiam Industries' operational security practices. Jurre van Bergen, a technologist at Amnesty International’s Security Lab, commented on the company's lax security measures and eventual bankruptcy:
“Extremely sloppy work of a spyware manufacturer to not put that behind a firewall,” – Jurre van Bergen, a technologist at Amnesty International’s Security Lab
“I guess I’m not surprised given their sloppy work they went bankrupt.” – Jurre van Bergen, a technologist at Amnesty International’s Security Lab
Mollitiam Industries’ presence at ISS World conferences highlighted their ambitions to market products to law enforcement and intelligence agencies. However, the company's financial issues overshadowed these efforts. The firm reportedly employed between 11 and 50 people according to its LinkedIn profile.
Reports from various sources suggest that Mollitiam's operations included dubious practices. One source recounted an offer from a cyber-intelligence colonel to introduce malware into journalists’ computers:
“A cyber-intelligence colonel offered me 50 million pesos [around $15,000 at the time] to introduce a malware (virus) in the computers of Semana journalists and thus be able to access the information,” – a source
Leave a Reply