Posts
FinFisher surveillance software used to spy on people
around the world according to report
By Madison Ruppert
Editor of End the
Lie
(Image credit: Morgan Marquis-Boire,
Bill Marczak, Claudio Guarnieri, and John Scott-Railton)
The FinFisher surveillance software
is being used around the world to target people, including many activists, for
detailed and invasive monitoring, according to a report released today by
researchers at the Citizen Lab of the Munk School of Global Affairs at the
University of Toronto.
I previously reported on FinFisher
when the FBI issued a warning to Android
users about the threat posed by the software, which is incidentally
heavily marketed directly to the US government.
The UK has been asked to investigate Gamma
International, the firm behind the software, though nothing has come
of that yet.
One of the most interesting aspects
of the March 13 report is the
discovery of command and control servers for FinSpy backdoors, part of the
company’s “remote monitoring solution,” in 25 countries, including Western
nations.
The countries include, “Australia,
Bahrain, Bangladesh, Brunei, Canada, Czech Republic, Estonia, Ethiopia,
Germany, India, Indonesia, Japan, Latvia, Malaysia, Mexico, Mongolia,
Netherlands, Qatar, Serbia, Singapore, Turkmenistan, United Arab Emirates,
United Kingdom, United States, [and] Vietnam,” according to the report.
FinSpy capabilities include: covert
communication with headquarters, full Skype monitoring (calls, chats, file
transfers, video and contact list), recording of email, chat and Voice-over-IP
(VoIP), live surveillance through webcam and microphone, country tracing of
target, silent extracting of files from target’s hard drive, a “process-based
key-logger” for faster analysis of key strokes, live remote forensics on the
target system, advanced filters to record only the important information and it
is capable of being deployed on Windows, Mac OSX and Linux, according to promotional materials.
The software is also available for
all major mobile phones and is specifically designed to avoid detection by the
major antivirus software including Kaspersky, Symantec and F-Secure. The
software is capable of bypassing 40 antivirus systems in total.
There are also indications that
FinSpy has been used to target political activists in particular, evidenced by
a campaign in Ethiopia using pictures of an opposition group called Ginbot 7 to
bait users.
“This continues the theme of FinSpy
deployments with strong indications of politically-motivated targeting,”
according to the report.
The malware has also been spread
through fake iTunes and Flash updates, according to a Wall Street Journal
report in 2011.
The researchers have received many
samples from security researchers and activist groups and in some cases, they
“found that the samples reported back to Web sites run by the Gamma Group. But
other samples appeared to be actively snooping for foreign governments,”
according to The New York Times.
While Martin J. Muench, a Gamma
Group managing director, claimed it was used mostly “against pedophiles,
terrorists, organized crime, kidnapping and human trafficking,” the evidence
indicates otherwise.
“Our findings highlight the
increasing dissonance between Gamma’s public claims that FinSpy is used
exclusively to track ‘bad guys’ and the growing body of evidence suggesting
that the tool has and continues to be used against opposition groups and human
rights activists,” the researchers wrote.
Notably, Muench refused to disclose
what countries had been sold the highly invasive software.
There are strong indications that it
is not only used for legitimate law enforcement targets, including the
targeting of Bahraini activists with
malicious emails that “generally suggested that the attachments contained
political content of interest to pro-democracy activists and dissidents.”
The researchers discovered that the
United States and Indonesia had the most FinFisher Command and Control servers
discovered, though they point out that, “This may not be a full representation
of all active FinFisher servers due to scanning methodology and possible
concealment strategies.”
“Presence of a server does not
necessarily indicate knowledge or complicity by the country as proxies are
undoubtedly in use on some FinFisher deployments,” they add.
Yet the fact that US agencies have
attended by far the most conferences
between 2006 and 2009 selling software like FinFisher cannot be ignored.
“The unchecked global proliferation
of products like FinFisher makes a strong case for policy debate about
surveillance software and the commercialization of offensive
cyber-capabilities,” the researchers argue.
While some, such as German Foreign
Minister Guido Westerwelle, have called for an EU-wide
ban on exporting this type of surveillance software to totalitarian states, one
must wonder why we should think it’s fine for countries like the United States
to have it.
MEP Marietje Schaake, current
rapporteur for the first EU strategy on digital freedom in foreign policy, said it is “quite shocking
that the EU is one of the key exporters of very repressive technologies and
systems to countries like Syrian, Iran and Egypt.”
The researchers call these
“countries where the rule of law is in question,” although I think one could make a strong case that the rule of law is in question in the United States, based on
numerous breaches of privacy
and law, as well.
Did I forget anything or miss any
errors? Would you like to make me aware of a story or subject to cover? Or
perhaps you want to bring your writing to a wider audience? Feel free to
contact me at admin@EndtheLie.com with your concerns, tips,
questions, original writings, insults or just about anything that may strike
your fancy.
No comments:
Post a Comment