State Trojan: version for encrypted messenger comes 2017

Staatstrojaner: Version für verschlüsselte Messenger kommt noch 2017

The Federal Criminal Police Office (BKA) is progressing with the development of the state trojan. This year, a version is to be completed, which enables monitoring of mobile operating systems. This is the result of a report, classified as secret, by the Ministry of the Interior, published by

State robots for mobile operating systems still in 2017

Specifically, it is about the “Remote Communication Interception Software 2.0” (RCIS 2.0). The BKA wants to extend the state trojan so that the malware can also be introduced into mobile operating systems such as Android, BlackBerry and Apple iOS. The goal is clear: in the future, the authorities also want to be able to monitor encrypted messenger services such as WhatsApp and Telegram.

The application area for the RCIS 2.0 is the source telecommunication monitoring (source TKÜ), ie the pure tapping of communication contents. The BKA had started the development in the third quarter of 2016, the release is scheduled to take place later this year.

The RCIS 1.0 version of the BKA state robot, which still had desktop operating systems in mind, was released by the Federal Ministry of the Interior in February 2016. The malware was examined by an “external software testing laboratory”, the results were then sent to the Federal Office for Information Security (BSI) and the Federal Data Protection Commissioner. In the case of the latter, a final assessment is still pending. So far, however, the BKA had not discovered any signs that rework would be necessary.

FinSpy trojan supplements BKA Trojans

In addition, the BKA wants to use not only the self-developed state trojan, but also the commercial monitoring software “FinSpy” as a substitute in the hindquarters have. This was already purchased in October 2012, which is the consequence after the state-trojan debacle in 2011.

FinSpy is still not in use. The monitoring software was last revised by the manufacturer FinFisher. Now an external company checks again whether the malware matches the legal requirements. If the tests are positive, they are to be approved by the Federal Ministry of the Interior.

In particular, the use of the commercial software evaluate network activists critically. According to, FinSpy is an “immensely powerful” hacker software that can do more than the law allows. A problem is the control. The CCC spokesman, Falk Garbsch, explains: “Now the company is using services from companies that no official or inspector was allowed to look into.”

BKA does not find any alternatives to the Trojan

An interesting aspect of the report: Apparently, the BKA is also looking for “fundamental rights-protecting alternatives” to the state Trojans. However, the result is sobering. So far nothing has been found and there is no sign that something will change.

It is the attitude that has already shimmered in the new state-presidential law. Shortly before the end of the legislature, the Grand Coalition had decided in a Hauruck procedure that the use of the state trojan was significantly extended. This is true for the source TKÜ as well as for the online search in which the complete system of a suspect is infiltrated.

Jurists and civil rights activists consider the law to be unconstitutional, and complaints have already been announced. At the same time, network activists criticize on the technical level that public authorities are exploiting security vulnerabilities that can also misuse criminals.



Ivy is loves technology and has been addicted to it since childhood. Apart from tech, she loves watching sci-fi / historical documentaries and traveling to new places.

Leave a Response

This site uses Akismet to reduce spam. Learn how your comment data is processed.