back to article FinFisher spyware goes global, mobile and undercover

Security researchers have warned that the controversial FinFisher spyware has been updated to evade detection and has now been discovered in 25 countries across the globe, many of them in APAC. FinFisher, also known as FinSpy, is produced by Anglo/German firm Gamma International and marketed as a “lawful interception” suite …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Happy

    "FinFisher spyware has been updated to evade detection"

    and has now been discovered in 25 countries across the globe

    Awesome detection evasion there. 10/10.

    1. Ralph B
      Happy

      Re: "FinFisher spyware has been updated to evade detection"

      Maybe it happened in the other order: There it is! Oh, it's gone.

    2. LarsG

      Re: "FinFisher spyware has been updated to evade detection"

      A double bluff perhaps, these are the ones you are expected to find, the properly updated ones are hidden.

    3. MichaelC72
      Stop

      Re: "FinFisher spyware has been updated to evade detection"

      This isn't the spyware you're looking for...

  2. Matt Bryant Silver badge
    Pirate

    Maybe not as much Big Brother as Big Boss.

    My own impression from the little I've worked with Far East Asian companies is they really don't trust their employees and often spy just as much on them as on competitors. I'm betting some of these Gamma instances are paranoid bosses spying on their own staff.

  3. Schultz

    How is this different from other spyware?

    From the 'normal citizen' point of view (and the criminal's too), this is just another bit of annoying and potentially dangerous spyware. Some governments decided to join the club of spyware distributors -- let's hope that democracy (where applicable) will take care of that problem at the next election.

    1. Ian McNee
      Black Helicopters

      Re: How is this different from other spyware?

      It's different in that Gamma International will almost certainly have a cosy relationship with the British and German security services who are so keen to snoop on their own citizens with the sanction of their respective political classes...***WHHOOOOSSSSHHHHHH***...hey did you hear that? The sound of Tory & Lib Dem politicians who had previously opposed Labour's GHCQ mega-snoop legislation swiftly changing their position when they entered Downing Street. Who knew?!

  4. Anonymous Coward
    Anonymous Coward

    no-one has pointed out about FinFisher

    that it's actually superficially a fairly proportionate use of spying technology. The FinFisher Trojan (and the German BundesTrojaner) were not bandied about like a fire-hose, spraying the whole interwebs with eavesdropping (unlike IMP/CCDP which is just a data grab of all of our data)

    The Trojan is deployed against specific (pseudo)named targets. The desk officer who's running a FinFisher Trojan deployment probably can only manage 20 to 50 victims, so there'll be a need for lots of desk officers in the state donut - for any given state - for the usual number of usual suspects.

    What's bad about the FinFisher Trojan is that almost any resource-rich state seems to qualify for the software, with bollocks consideration given to human rights, but at least it's not as invasive as being rubber truncheoned by the state for the same info.

    What's worse about the FinFisher Trojan (and the German BundesTrojaner) is that both of these systems can UPLOAD whatever files the desk-officer chooses - then plausibly delete and remove evidence of any infection - whilst leaving the victim stuffed with kinderpr0n, violent bestiality, terrorizm poetry that didn't exist before! In our state this might not be happening, who knows? Where is the public/parliamentary oversight, where are the audited logs of Trojan use?? - I am not a lawyer but the increasing use of FinFisher type products without seeming oversight might lead to a plausibility of 'doubt' creeping into future evidence based trials.

    This idea that increasingly widespread data at rest and data on the move remote manipulation is a concern for forensic evidence needs, needs to be analysed by a professor somewhere, and explained slowly to politicians, and maybe to Gamma themselves?

  5. Anonymous Coward
    Anonymous Coward

    FinFly is just as dangerous

    FinFly

    FinFly is a transparent HTTP proxy that can modify files while they are being

    downloaded. Elaman has created two versions of this software; the FinFly-Lite and the FinFly-ISP. The FinFly-Lite can be used by the agency within a

    local network to append FinSpy or a custom Trojan horse to executables that

    are downloaded by a target computer. The FinFly-ISP can be integrated into

    an Internet Provider’s network to infect en masse or targeted computers.

    check for those digital certs, people

    Good thing I download exe files over a VPN and compare them before I run them, just for scenarios like this to show up.

  6. Matt Bryant Silver badge
    Joke

    Best joke of the week told to me by an hp employee......

    All this is just hp's new security system to track their board members and senior management and stop leaks. The project has the internal codename The Dunn Network......

This topic is closed for new posts.

Other stories you might like