We’ve all heard about Nation State surveillance programs and their capabilities throughout the world, but have you ever wondered how these programs were developed and the decisions that went into them? In this talk we will go through the very recent actions a particular nation-state undertook in order to build up their offensive cyber capabilities for both desktop and mobile, including iOS and Android. With insights gleaned from exfiltrated content obtained during a recent investigation into one of their bespoke tools, we will look at the build vs. buy decisions that key individuals involved in this process went through–from the lawful intercept and exploit shops they communicated with, to their in-house development, and ultimately to what their resulting solution(s) were. This talk will have mystery, intrigue, couch surfing, and as usual a bunch of op-sec failures.