Prosecutors Launch Investigation Into Company That Put Malware on Google Play Store

Italian government authorities have launched an inquiry into eSurv, a company that made spyware apps that it concealed as legitimate and innocuous-looking apps on the Google Play Store.
Broken Android Phone
Image: I G/Flickr

Italian authorities have launched an inquiry into a spyware vendor that made malicious apps for the Google Play Store and infected almost 1,000 people with them.

Friday, Motherboard revealed that an Italian company called eSurv had uploaded 25 malicious apps on Android’s official app store over the span of two years. The company has a contract for the development of a “passive and active interception system” for the Italian State Police, but it’s unclear if the apps were used by law enforcement authorities.


Now, newspapers in Italy have revealed that prosecutors in Naples opened an inquiry into eSurv and its activities well before last week’s report. Two sources close to the company confirmed the investigation to Motherboard.

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at, or email

Three weeks ago, one of the sources said, police raided eSurv’s office and seized all computers on suspicion of illegal wiretapping.

On Monday, Italian newspaper La Repubblica reported that prosecutors are specifically looking into four people. Among them are Giuseppe Fasano, the head of eSurv, and Salvatore Ansani, another member of the company’s management.

A spokesperson for eSurv did not respond to a request for comment.

The Naples prosecutor's office said in a press release Monday that it is investigating both eSurv and STM, another company that worked with the surveillance company. As part of the investigation, the press release read, the prosecutors shut down eSurv’s infrastructure, which was used to operate the spyware, code-named Exodus.

Listen to CYBER, Motherboard’s new weekly podcast about hacking and cybersecurity.