Risky Bulletin Srsly Risky Biz: Small beer surveillance firms escape crackdown, for now
Oct 16, 2025
A Jakarta-based firm is selling surveillance-as-a-service, raising alarms about unregulated sales practices. While big spyware vendors face scrutiny, smaller companies navigate under the radar, catering to questionable clients. The Chinese government capitalizes on hacking contests to bolster its cyber capabilities, further complicating the global surveillance landscape. Discussions dive into the impact of media and government on the spyware market, and the fallout for investors entangled with controversial firms like NSO.
AI Snips
Chapters
Transcript
Episode notes
SS7 Abuse Exposed By Data Archive
- First WAP exploited SS7 signaling flaws to locate devices and intercept calls and texts.
- Lighthouse Reports' archive showed ~1.5M historical pings revealing extensive targeting patterns.
Undercover Reporters Caught Sales Pitch
- Undercover reporters posed as customers and the First WAP sales exec readily suggested they could surveil activists for a mining company.
- The exec implied the company would use cutouts and disclaim direct involvement to distance itself from misuse.
Crackdown Creates A Market For Small Players
- Media and government pressure appears to have forced large spyware firms to adopt ethical limits and refuse sketchy customers.
- Smaller firms like First WAP now fill demand by operating with fewer restraints and less scrutiny.