Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Attacks On Activists Traced To Gamma Group's FinFisher Spyware

Posted by Soulskill on from the congrats-the-internet-hates-you-now dept.

Sherloqq sends this quote from a Bloomberg report: "FinFisher, a spyware sold by U.K.- based Gamma Group, can secretly take remote control of a computer, copying files, intercepting Skype calls and logging every keystroke. For the past year, human rights advocates and virus hunters have scrutinized FinFisher, seeking to uncover potential abuses. They got a glimpse of its reach when a FinFisher sales pitch to Egyptian state security was uncovered after that country's February 2011 revolution. In December, anti-secrecy website WikiLeaks published Gamma promotional videos showing how police could plant FinFisher on a target's computer. ... Researchers believe they’ve identified copies of FinFisher, based on an examination of malicious software e-mailed to Bahraini activists, they say. ... The findings illustrate how the largely unregulated trade in offensive hacking tools is transforming surveillance, making it more intrusive as it reaches across borders and peers into peoples’ digital devices. From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed."

15 of 54 comments (clear)

  1. Gamma Group - For All Your Fascist E-Needs by ohnocitizen · · Score: 3, Insightful

    Want to trample activists? Stop dangerous ideologies like Democracy in its tracks? Trust Gamma Group as much as you don't trust your citizens. "We'll help you spy on your people(tm)".

    If ever there was a company aching for a PR disaster...

    1. Re:Gamma Group - For All Your Fascist E-Needs by Anonymous Coward · · Score: 2, Interesting

      i dont think a company that sells spyware to government entities is worried about their public image...

    2. Re:Gamma Group - For All Your Fascist E-Needs by ackthpt · · Score: 3

      i dont think a company that sells spyware to government entities is worried about their public image...

      Actually, they prefer to be completely opaque .. to the point people are unaware they exist. It is the glare from the spotlight of attention they squirm under.

      Nothing to see here, nothing at all, we're just a bunch of chickens, nothing special .. why don't you go see what Rebecca and Andy are up to?

      --

      A feeling of having made the same mistake before: Deja Foobar
  2. Re:Criminal? by pseudofengshui · · Score: 3, Funny

    That depends on how many pirated MP3s come bundled with FinFisher.

    --
    [Text goes here]
  3. Re:Criminal? by Trepidity · · Score: 2

    Since Egypt was considered a UK ally, it wasn't on any lists of countries where it's prohibited to sell this kind of stuff, so unfortunately it was probably still legal. Unless someone finds them having sold stuff to North Korea or Syria or something.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  4. Moving to other platforms? by mlts · · Score: 4, Interesting

    With all the malware tools becoming available for Windows and Mac, perhaps Linux, I wonder if this will encourage people to move to lesser known platforms that would function just as well.

    Moving to a non-mainstream CPU and OS would stop most malware in its tracks. Making sure that cross-platform items like Java are either not run, or are run in a chrooted, jailed space, perhaps as a different user, might also be the par for the course.

    Hmm... time to see where I put the old Indy and see if Chromium or Firefox would port to IRIX without some substantial effort or rewriting... Barring that, there are always some old POWER5 boxes on eBay with graphical consoles, as well as SPARC boxes.

    Maybe it is time to go back to the days of Solaris for being on the Internet.

    1. Re:Moving to other platforms? by Anonymous Coward · · Score: 4, Informative

      If you look at these videos there is at least one video which suggests this requires a bit of stupidity on the users part.

      It assumes Microsoft Windows / Mac

      1. Insertion of payload to EXE / DMG download (semi assumed although this is this would be feasible and thus I'm sure how they are doing it)
      2. Instant message to blackberry user with link to trojan (spam)
      3. They show USB keys being physically inserted (I'd assume this is a non-locked down system and the trojan is opened through autorun, but that doesn't even work in Vista/7, which means user interaction, which if you are physically at the computer this would be easy to hit ok, if there are no screen saver passwords)

      Platform based solutions:
      1. Don't enable downloading of executable content (limit programs to trusted, vetted, and verifiable sources like repositories)
      2. Don't enable downloads of executable content
      3. Don't leave the system unattended, ever, and boot from removable media, the system should also be kept secure from adversaries and checked for physical hardware devices that could intercept key strokes

      Some other things:
      4. Disable scripting (libre office macros, adobe flash, PDF reader, browsers, etc)
      5. Use publicly verifiable encryption software (this excludes truecrypt as the source code is not easily vetted even though it's available, a public CVS is needed)
      6. NOT SKYPE! Anything but Skype. I mean. Really. Are you stupid? There are some alternative options. GPG email / instant messaging is probably ideal with limited protocols (personal jabber server, NOT GTalk, MSN, AIM, etc).
      7. Don't leave the data unencrypted and don't utilise third party systems (at least not repeatedly- you can easily attack a user by simply monitoring them and then infecting the systems they use even if in Internet cafes, how many Internet cafes do you have in your area? chance are you end up using one of a dozen at the most, all easily infected)

  5. Re:Fags and spics by Baloroth · · Score: 2

    In most countries, software itself is not illegal unless it is used illegally in that country (I believe Japan is one exception, there may be others was well). Monitoring your own computer using "malware" is perfectly legal. That means the government cannot legally do anything, and generally you wouldn't want them to either: or do you trust governments to have the restraint not to call Linux "hacking" software?

    --
    "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
  6. I don't know who I'm more afraid of by cultiv8 · · Score: 3, Insightful

    what the NSA is doing or unbridled capitalism.

    --
    sysadmins and parents of newborns get the same amount of sleep.
  7. Government Sales by hoggoth · · Score: 2

    "The statement addressed the documents found in Cairo, which priced the system at 388,604 euros ($470,000), including maintenance. "

    Gotta love selling to governments. Spector-Pro eBlaster costs about $100 and does the same thing.

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
  8. Software company sells software by houghi · · Score: 2

    What is the news in this? Remember: Guns don't kill people, people do. Software does not spy on people, people do.

    I think nobody here is impressed that you can control a device in another country, as the majority here will be aware what the Intertubes are. The times of people wondering how you opened the CD tray on a remote machine are well passed us.

    I would rather see how they do it to be not found out by anti-virus programs and what we can do now to detect if we (well, those who might be at risk) are infected or not.

    --
    Don't fight for your country, if your country does not fight for you.
  9. "...unregulated trade..." by John+Hasler · · Score: 2
    Oooh. People doing things without permission. Oooh. This must be stopped! Only the Authorities should have access to this sort of thing (because you know we can trust them).

    From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed.

    If it is installed on your computer.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  10. Re:Fags and spics by John+Hasler · · Score: 2

    "Blind eye"? Who the hell do you think are the customers for this sort of stuff?

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  11. Re:Fags and spics by John+Hasler · · Score: 3, Insightful

    It is abut a UK comany exporting malware to what was a dictatorial regime to spy on political dissidents.

    Right. Export controls: that's the ticket. It worked so well for encryption software and inconvenienced no one.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  12. Who do ya wanna blame ? by Taco+Cowboy · · Score: 2

    The piece from Bloomberg is one of the lousiest journalism there is

    Putting blame on U.K.'s Gamma Group ain't gonna make the world better

    And those activists --- if they are real ACTIVE-ists, --- they would know that activism using only their mouths to blame Gamma Group ain't gonna bring in any change

    I was an activist myself in younger days, and we didn't do 'activism by mouth' - we did it with everything - even by fighting fire with fire

    If those that we oppose use technology, such as cyber-spying and wire-tapping, we employed the same in launching our counter-strikes (Yes, some of those counter-strikes were illegal)

    All I can see, from TFA, is that those "activists" are nothing but lamers and blamers
     

    --
    Muchas Gracias, Señor Edward Snowden !