Energy5.12.2022

Eskom CEO doubles down on “sophisticated” spying device found in his Volvo

Eskom CEO André de Ruyter has doubled down on the claim that he stumbled upon a highly sophisticated tracking device under the driver’s seat of his Volvo.

De Ruyter was answering questions on live streaming platform Waitroom in a public session hosted by Kieno Kammies.

MyBroadband asked a question about George Fivaz Forensic & Risk — the investigators who had first crack at the circuit board De Ruyter found in his vehicle.

This comes after details were provided to press in October about a circuit board, described as an “NSA-level device”, that De Ruyter found while cleaning his car.

Articles cited a preliminary report prepared by former police commissioner George Fivaz who claimed the device isn’t commercially available, and is typically used by law enforcement and intelligence agencies.

Fivaz’s report stated that the circuit board was manufactured in Texas and that they were still tracing the other components.

Journalists were provided photos of the circuit board, which they duly published.

The images immediately caught the attention of South Africa’s technical community, who smelled something off about the story.

Immediate red flags were the fact that the board contained clearly identifiable markings, a sticker with a serial number, and a holder for a CR2032 lithium coin cell.

Such a low-power cell would struggle to keep a tracking and listening device powered for very long.

Engineers and information security experts soon identified the two main chips on the printed circuit board as a microcontroller and transceiver — both readily and cheaply available.

The microcontroller is an STMicroelectronics STM32L011G4U6, and the transceiver is most likely a Texas Instruments CC1200/1201 (i.e. “manufactured in Texas”, as claimed by Fivaz).

There was no GSM module, no GPS, no microphone and no flash memory or card reader to store audio.

Therefore, claims that the board was some kind of sophisticated tracking and listening device were far-fetched at best.

For various reasons, few of those involved in the online investigative effort were willing to break anonymity.

However, security researcher Daniel Cuthbert was willing to comment on the record.

Cuthbert is an expert in covert implants, co-author of the OWASP Application Security Verification Standard, and sits on the Blackhat review board.

He explained that, based on the evidence, the device was likely nothing more than a remote of some kind.

Such a remote button could be a gate or garage opener, a panic button, or a way to arm and disarm a home alarm.

MyBroadband’s in-house researcher and electronic engineer Wikus Steyn agreed.

“There is no GPS chip or antenna, so no tracking that way. I see no mic onboard, although there is what seems to be a 2-pin input at the top, but that is most likely for a push button,” Steyn stated.

He also said the quality of soldering suggests cheap mass production.

After the board’s chips were identified, a MyBroadband reader posted photos of his 2016 Volvo XC90’s panic button on our discussion forum.

Its circuit board was uncannily similar to the “NSA-level” spying device De Ruyter found in his car.

It turns out that Tracker fits a vehicle tracking unit and panic button in every Volvo sold in the country. Motorists can then optionally add a Tracker subscription to their Volvo roadside assistance.

Tracker will also locate your car if it’s stolen without a subscription.

The partnership dates back to at least January 2014, when Tracker started fitting new Volvos with Skytrax units.

Tracker’s panic buttons likely use wireless transceivers so thieves can’t simply trace a wire to locate where the unit is hidden in the car.

Although the forum member’s panic button uses a different microcontroller and transceiver chip than those on the circuit board found in De Ruyter’s car, the overall design and layout are very similar. In particular:

  • Both boards have the same 94V0 flammability rating
  • Labels: “Assist-Rev5” on 2016 XC90 and “Assist-Rev12” under the sticker on De Ruyter’s PCB

These similarities are illustrated in the image below.

When MyBroadband previously contacted Volvo and Tracker for comment, the companies provided the following response via a Volvo spokesperson:

“Based off of the photos that you have sent us, our third-party supplier Tracker have informed us that this could be one of their older devices that were fitted to Volvos a few years ago.”

Despite the overwhelming evidence to the contrary, De Ruyter has continued to be advised that the device he found is a spying device.

While responding to a question about who was paying George Fivaz Forensic & Risk, De Ruyter revealed that they had received a letter from Volvo stating that the circuit board found in his car was non-standard.

“By the way, we’ve just had confirmation in writing from Volvo… that this is not a Volvo part, it’s not a gate remote. This is a sophisticated bug planted by persons unknown.”

He held a letter to camera showing CMH Volvo Cars Bryanston’s letterhead.

Asked whether Eskom or De Ruyter himself paid Fivaz, the Eskom CEO provided the following explanation:

“This is a service that we are procuring based on support that we get from organised business in order to run some intelligence operations that assist us in detecting and preventing crime, particularly sabotage, coal theft, and so forth.”

De Ruyter said Eskom has had to do its own intelligence gathering and crime detection, with the state providing support when arrests need to be made.

“We don’t have powers of arrest. As part of that [intelligence gathering and crime detection], George Fivaz rendered services,” he said.

MyBroadband contacted Eskom for comment on this story, and spokesperson Sikonathi Mantshantsha clarified that neither Eskom nor the state procures Fivaz’s services and has no contract with him.

The services Fivaz Risk & Forensics renders to Eskom are part of the support the state-owned power utility receives from organised business.

“The device is currently in the hands of the Hawks, and a criminal case is being investigated. Eskom will provide no further comment on this matter,” Mantshantsha said.

MyBroadband contacted Volvo for comment, and it did not provide feedback by publication. This article will be updated if we do.


Now read: Suspect linked to bomb threat against Eskom COO arrested

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter