Wyvern? (Another encrochat/an0m using the Qubes brand?)

Hello All;

The following is a tad long - here’s a summary:
This ‘wyvern’ lot are making some extravagant claims, whilst claiming to be Qubes Hardware Certified and that they have ‘Qubes OS Mobile’.

I stumbled across this on github:
github com/Wyvern-IC/Wyvv-Hardware (empty)
& this:
github com/Wyvern-IC/QubesOS4 (empty)

So I went down the rabbit hole:
github com/wyvern-ic

So I do a quick search, to find:
wyvern ch

A very ‘interesting’ site.
The claims made on this website are extraordinary:
wyvern ch/openfirmware
They are claiming to have built their own Instruction Set emulator?!

Wyvv Ltd:
suite endole co uk/insight/company/13439193-wyvv-ltd
Incorporated 4th June 2021

wyvern ch/store?store-page=Wyvern-tm-Paranoid-Cryptophones-c109560122
I hadn’t realised @marmarek had developed ‘Qubes OS for Mobile’* during lockdown - wow!
*(Oh: ‘Ubuntu Touch with Wyv ISR’)

Valeryevna Koltsova - alleged ‘Director of Strategy’ has no apparent public presence - only close match is:
‘Irina Valeryevna Koltsova’
ggchamber org/ggcc-awards-8700-scholarships/

On this page they claim to be Qubes OS Certified:
wyvern ch/store?store-page=Wyvern-tm-Silent-Resolve-tm-based-on-Razer-Blade-Pro-17-p356490979
I can’t help but feel this is a p*sstake
‘ME HAP Bit Neutered’ (this is essentially useless for mitigating Intel ME)

Closing Statement:
Given the rather dubious products/services they have (i.e. jailbreak ios/root android) - which any technical user would not pay 200euro for - this leads me to believe this is another encrochat/an0m type scam where non-techies are enticed into a honeypot. It would be interesting if they actually have qubes on a razer - but I’m currently not buying their firmware claims until a qubes dev can confirm/deny.

If this is another encrochat/an0m, I have to say they’ve upped the effort this time.

1 Like

Sole director and shareholder of Wyvv Ltd is listed as one
’ Daniel Marsollek’
Born: July 1993
German Nationalty

Search returns:

where wyvern.ch is listed as website, other wyvern-related repos are associated going back 7 months.

Deeper down the rabbit hole:
Domain Whois record from 2017 for wvern.ch
whois-history whoisxmlapi com/lookup-report/ax5D1eoKk6

appears that the domain is registered with https://njal.la/

I haven’t bothered to look very far - it has all the marks of a con, and
I see that the Store is currently not available.
The model they claim to use isn’t supported by Coreboot: it’s a few
generations ahead. (Unless it’s an older Razor or they have worked up
the Stealth work.)
So either they’re ahead of the game with Coreboot, have refactored Heads
to support a completely new machine, or there’s something else going on.
I didn’t see a claim that the laptop is Qubes certified, but this is not
true (currently).

They just might have done all this work, have not yet submitted back
to the community, and have not yet finalised Qubes certification, but I
suspect not.
I’d love to be proved wrong.

In my experience, bona fide consumer facing security companies simply
don’t work like this - they don’t produce broken websites with mashups of
all the trendy words and acronyms they can run together.
Please don’t show this to @ninavizz

Finally, trading off the “Privacy Beast” name which is a Qubes
Certified machine, adds to my feeling that this is wrong.

2 Likes

AAAAAAAAAAGGEEEE!!! (grips at hair feverishly, and runs out of room screaming)

All silliness aside, the Valeryevna Koltsova individual named above, was recently booted from GitHub for making unhelpful and provacative contributions, while disparaging good-faith contributors. They later sent me an email that I shared with other contributors, that appeared to make a (lousy) attempt to sow dischord among the core team. They also called my work “pretty,” I think in an honest attempt at flattery. Except that’s akin a husband buying his wife a vacuum cleaner for her birthday.

My honest impression that Valeryevna Koltsova is a sockpuppet, and this whole thing is a sham. I’m really bummed to see that this org is attempting to rip-off the very hard work of Insurgo. But, the impressions they’ve made with others, has also been a “Nice try, loser” sort of measure.

2 Likes