We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Google Publishes Report on Commercial Spyware Vendors

Google Publishes Report on Commercial Spyware Vendors
Author Image Hendrik Human
Hendrik Human Published on 10th February 2024 Cybersecurity Researcher

Google's Threat Analysis Group (TAG) has published a report on the widespread use of commercial spyware, commonly supplied by Europe-based startups for government surveillance campaigns. In one recent campaign, government-backed hackers used tools supplied by Variston, a Barcelona-based spyware vendor, to exploit 3 zero-day vulnerabilities in the iOS operating system.

As part of its research, Google TAG tracks roughly 40 commercial surveillance vendors (CSVs) who supply spyware to government entities. Among its findings, it claims that half of known 0-day exploits on Google and Android ecosystems can be traced back to CSVs.

One of the CSV startups identified by Google is the Barcelona-based startup Variston. While its public face is that of an Information Security Solutions developer, Google has found spyware developed by the company being used in exploits across various devices in 2022 and 2023.

Now, Google reported that it uncovered an incident where iPhones in Indonesia were targeted by Variston’s spyware tools in March 2023, on behalf of an unknown government customer. The exploit-chain involved sending an SMS containing a harmful link which sneakily installs spyware on the victim’s device, then redirects them to an article on the website of local Indonesian news outlet Pikiran Rakyat.

In its report, Google asserts that Variston collaborates with several other organizations to develop and deliver spyware. One of those named by Google is Protected AE, which is also led by the founders of Variston: Ralf Wegener and Ramanan Jayaraman. The report also claims Variston has growing ties with BeaconRed, a subsidiary of the state-owned UAE defense company Edge Group.

Google warns that tools developed by CSVs are proliferating and evolving at an alarming rate. The TAG report stated “While the number of users targeted by spyware is small compared to other types of cyber threat activity, the follow-on effects are much broader”.

CSVs are already being used to target individuals like journalists, activists, and political dissenters, rather than to counter crime or terrorism. If the commercial spyware industry is allowed to grow, more and more governments may use such tools to encroach on individual freedoms and to oppress their populace.

About the Author

Hendrik is a writer at vpnMentor, specializing in VPN comparisons and user guides. With 5+ years of experience as a tech and cybersecurity writer, plus a background in corporate IT, he brings a variety of perspectives to test VPN services and analyze how they address the needs of different users.