Mollitiam Industries, a niche Spanish developer of surveillance software, has officially ceased operations. Public business records confirm that the Toledo-based startup filed for bankruptcy on January 23, following mounting financial pressures that forced the firm to shutter its doors.
A Low-Profile Exit for a Controversial Vendor
Unlike high-profile industry peers such as NSO Group or Paragon Solutions, Mollitiam Industries largely operated under the radar. Its relative obscurity was attributed to both the secretive nature of the global spyware market and its base in Spain, a region that often receives limited scrutiny from international English-language media.
Despite the bankruptcy filing, the company’s official website remains active. Attempts to reach the firm for comment via email and phone have been unsuccessful, and its official LinkedIn account suggests the company maintained a modest workforce of between 11 and 50 employees.
The “Invisible Man” and Legacy of Surveillance
The company first gained international attention in 2021 when a leaked brochure revealed its flagship products: “Invisible Man” and “Night Crawler.” These tools were engineered to surreptitiously extract sensitive data, including keystrokes, passwords, and real-time communications from platforms like WhatsApp and Telegram, while also hijacking device microphones and cameras.
The firm’s most significant controversy occurred in 2020, involving the Colombian news magazine Semana. Investigative reports linked the company to a surveillance campaign conducted by the Colombian military against journalists who had exposed corruption within the ranks. Evidence from a contract suggested the military paid nearly 3 billion pesos (approx. $900,000) for the “Invisible Man” system, which was designed to bypass antivirus software and infect machines via USB or malicious Office documents.
Meta’s Findings and Security Failures
Mollitiam’s activities were not limited to government contracts. In early 2024, Meta reported that it had dismantled a network of fake accounts linked to the company. According to the report, these accounts were used to conduct social engineering, phishing, and IP-logging against journalists, political opponents, and anti-corruption activists in Spain, Colombia, and Peru.
Security experts had long been monitoring the firm’s technical shortcomings. Jurre van Bergen, a technologist at Amnesty International’s Security Lab, noted that the company’s command-and-control servers were often left exposed on public search engines like Censys.
“Extremely sloppy work of a spyware manufacturer to not put that behind a firewall,” van Bergen stated. “I guess I’m not surprised given their sloppy work they went bankrupt.”