German authorities have searched the offices of FinFisher, a Munich-based company behind the infamous FinSpy spyware. The raids were carried out on suspicion that company illigaly exported its software to other countries.

The raids ordered by the Munich Public Prosecutor's Office took place earlier in October. The investigators searched 15 properties in Germany and abroad, including business premises of FinFisher GmbH and the private apartments of the managing directors, along with a partner company in Romania.

FinSpy is a powerful spyware, which can access address books, photographs and videos on targeted smartphones, as well as listening in on telephone conversations. While the spyware is being touted as a legal law enforcement tool it has also been found in use by oppressive regimes.

Germany has strict rules governing the control of exports of surveillance technology. According to a report fr om DW, the FinSpy tool surfaced in countries wh ere the German government had not issued an export license, including Turkey, suggesting that FinFisher has found a way to get around the law by operating a parallel business structure.

“Data from the Malaysian commercial register shows that Stephan Oelkers, one of the businessmen behind FinFisher, founded a company there in 2015 under the name Raedarius M8 Limited. During this time, the export of spy software was much less strictly regulated in Germany,” the report said.

“Currently, 25% of the shares in Raedarius M8 belong to a FinSpy developer. The rest is administered by a lawyer from Munich, whose office address also serves as the postal address of FinFisher.”

The raids are part of investigation into a criminal complaint filed by the GFF, Netzpolitik, Reporters Without Borders (ROG), and the European Center for Constitutional Rights and Human Rights (ECCHR) against the managing directors of FinFisher GmbH in July 2019.

The signatories argued that the surveillance software was used to spy on activists, political dissidents, and regular citizens in countries with oppressive regimes to which FinFisher was not allowed to supply its software.