FinFisher, a spyware application used by government and law
enforcement agencies for surveillance, appears to have
been hacked earlier this week, and a string of files has been dumped on
the Internet.
The highly secret surveillance software called “FinFisher”,
sold by British company Gamma International, can secretly monitor
computers by turning on webcams, recording everything the user types
with a keylogger, intercepting Skype calls, copying files, and much
more.
A hacker has claimed on Reddit and Twitter to have infiltrated the
network of one of the world's top surveillance and monitoring technology
companies, Gamma International, creator of the FinFisher spyware, and has
exposed 40GB of internal data detailing the operations and effectiveness
of the FinFisher suite of surveillance platforms.
The leaked information was published both on a parody Gamma Group Twitter account (@GammaGroupPR) and on Reddit by the hacker, who began publishing links to the documents along with satirical tweets.
The leaked files include client lists, price lists, source code of Web Finfly, details about the effectiveness of the FinFisher malware, user and support documentation, a list of classes/tutorials, and much more.
The Reddit post
“Gamma International Leaked” in self.Anarchism said, “a couple days ago
[when] I hacked in and made off with 40GB of data from Gamma's networks.
I have hard proof they knew they were selling (and still are) to people
using their software to attack Bahraini activists, along with a whole
lot of other stuff in that 40GB.”
The FinFisher files were first leaked on Dropbox as a torrent file and
have since been shared across the internet, which means that it is now
impossible to stop the information from being leaked.
One spreadsheet in the dump, titled “FinFisher Products Extended Antivirus
Test” and dated April this year, details the anti-virus detection rates of
the FinFisher spyware which German-based Gamma Group sold to governments
and law enforcement agencies.
It shows how FinFisher performed well against 35 top antivirus products.
That means FinFisher would probably not be detected by a targeted
user's security systems.
One more document, also dated April this year, has been identified that
contains release notes for version 4.51 of FinSpy. It shows a series of
patches made to the products, including a patch to ensure the rootkit component
could avoid Microsoft Security Essentials, a change so that the malware could
record dual-screen Windows setups, and improved email spying with
Mozilla Thunderbird and Apple Mail.
The file dump also reveals that FinFisher is detected by OS X Skype (a
recording prompt appears), so the users of OS X Skype would be alerted
to the presence of FinFisher by a notification indicating that a
recording module was installed.
FinFisher cannot tap Windows 8 users, so rather than the desktop client, those users should opt for the Metro version of Skype.
The dump also contains a fake Adobe Flash Player updater, a Firefox
plugin for RealPlayer and extensive (though still undetermined)
documentation for WhatsApp.
“A price list, which appeared to be a customers' record, revealed the FinSpy program cost 1.4 million Euros and a variety of penetration testing training services priced at 27,000 Euros each,” the Reg. reported. “The document did not contain a date but it did show prices for malware targeting the recent iOS version 7 platform.”