
Cyber Attacks On Activists Traced To Gamma Group's FinFisher Spyware

Soulskill posted more than 2 years ago | from the congrats-the-internet-hates-you-now dept.

Communications 54

Sherloqq sends this quote from a Bloomberg report: "FinFisher, a spyware sold by U.K.-based Gamma Group, can secretly take remote control of a computer, copying files, intercepting Skype calls and logging every keystroke. For the past year, human rights advocates and virus hunters have scrutinized FinFisher, seeking to uncover potential abuses. They got a glimpse of its reach when a FinFisher sales pitch to Egyptian state security was uncovered after that country's February 2011 revolution. In December, anti-secrecy website WikiLeaks published Gamma promotional videos showing how police could plant FinFisher on a target's computer. ... Researchers believe they’ve identified copies of FinFisher, based on an examination of malicious software e-mailed to Bahraini activists, they say. ... The findings illustrate how the largely unregulated trade in offensive hacking tools is transforming surveillance, making it more intrusive as it reaches across borders and peers into people’s digital devices. From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed."


First Post (1)

Anonymous Coward | more than 2 years ago | (#40769633)

Posted by FinFisher

Who do ya wanna blame ? (2)

Taco Cowboy (5327) | more than 2 years ago | (#40772071)

The piece from Bloomberg is one of the lousiest pieces of journalism there is

Putting blame on U.K.'s Gamma Group ain't gonna make the world better

And those activists --- if they are real ACTIVE-ists, --- they would know that activism using only their mouths to blame Gamma Group ain't gonna bring in any change

I was an activist myself in younger days, and we didn't do 'activism by mouth' - we did it with everything - even by fighting fire with fire

If those that we oppose use technology, such as cyber-spying and wire-tapping, we employed the same in launching our counter-strikes (Yes, some of those counter-strikes were illegal)

All I can see, from TFA, is that those "activists" are nothing but lamers and blamers
 

Fags and spics (-1, Troll)

Anonymous Coward | more than 2 years ago | (#40769635)

Good thing governments are going after people over downloading a song but turning a blind eye towards people selling malware to dictators.

Re:Fags and spics (2)

Baloroth (2370816) | more than 2 years ago | (#40769911)

In most countries, software itself is not illegal unless it is used illegally in that country (I believe Japan is one exception, there may be others as well). Monitoring your own computer using "malware" is perfectly legal. That means the government cannot legally do anything, and generally you wouldn't want them to either: or do you trust governments to have the restraint not to call Linux "hacking" software?

Re:Fags and spics (1, Flamebait)

Lunix Nutcase (1092239) | more than 2 years ago | (#40770005)

What the hell does your blabbering have to do with anything? This isn't about people running software they choose. It is about a UK company exporting malware to what was a dictatorial regime to spy on political dissidents.

Re:Fags and spics (3, Insightful)

John Hasler (414242) | more than 2 years ago | (#40770571)

It is about a UK company exporting malware to what was a dictatorial regime to spy on political dissidents.

Right. Export controls: that's the ticket. It worked so well for encryption software and inconvenienced no one.

Re:Fags and spics (2)

John Hasler (414242) | more than 2 years ago | (#40770525)

"Blind eye"? Who the hell do you think are the customers for this sort of stuff?

Re:Fags and spics (0)

Anonymous Coward | more than 2 years ago | (#40770793)

Dictatorial regimes that are the supposed enemies of the western world.

Malware (1)

Anonymous Coward | more than 2 years ago | (#40769673)

can secretly take remote control of a computer...

So this isn't "pen testing", it's trespassing with full-on malware, right?

Does it require user interaction, or does it use remote exploits and known vulnerabilities?

Criminal? (0)

Anonymous Coward | more than 2 years ago | (#40769717)

So, when is this 'Gamma Group' going to be dismantled, incarcerated, and shut down permanently?

Re:Criminal? (3, Funny)

pseudofengshui (1432581) | more than 2 years ago | (#40769743)

That depends on how many pirated MP3s come bundled with FinFisher.

Re:Criminal? (2)

Trepidity (597) | more than 2 years ago | (#40769767)

Since Egypt was considered a UK ally, it wasn't on any lists of countries where it's prohibited to sell this kind of stuff, so unfortunately it was probably still legal. Unless someone finds them having sold stuff to North Korea or Syria or something.

Gamma Group - For All Your Fascist E-Needs (3, Insightful)

ohnocitizen (1951674) | more than 2 years ago | (#40769729)

Want to trample activists? Stop dangerous ideologies like Democracy in its tracks? Trust Gamma Group as much as you don't trust your citizens. "We'll help you spy on your people(tm)".

If ever there was a company aching for a PR disaster...

Re:Gamma Group - For All Your Fascist E-Needs (2, Interesting)

Anonymous Coward | more than 2 years ago | (#40769805)

I don't think a company that sells spyware to government entities is worried about their public image...

Re:Gamma Group - For All Your Fascist E-Needs (3)

ackthpt (218170) | more than 2 years ago | (#40769925)

I don't think a company that sells spyware to government entities is worried about their public image...

Actually, they prefer to be completely opaque .. to the point people are unaware they exist. It is the glare from the spotlight of attention they squirm under.

Nothing to see here, nothing at all, we're just a bunch of chickens, nothing special .. why don't you go see what Rebecca and Andy are up to?

Re:Gamma Group - For All Your Fascist E-Needs (1)

CanHasDIY (1672858) | more than 2 years ago | (#40769937)

If ever there was a company aching for a PR disaster...

You say that as if modern governments give a shit what their people think.

Protip: They don't. Why should they? If the last 30 years have taught us anything, it's the fact that if someone in government wants to commit an act that is currently criminal, they just make an exception for themselves.

Re:Gamma Group - For All Your Fascist E-Needs (1)

s.petry (762400) | more than 2 years ago | (#40771201)

While I don't disagree with your sentiment, I do say that there is more we can do as people to resolve these issues. Educate people around you, and wake people up is the first step. After that, you can actually have enough mass to make changes. Complacency is not going to resolve the problems (obviously).

Of course this is an extension of your thoughts. The sentiment alone hints at being defeated, perhaps that was not your opinion.

Re:Gamma Group - For All Your Fascist E-Needs (1)

CanHasDIY (1672858) | more than 2 years ago | (#40776347)

Not being defeatist, just pointing out the obvious.

Educating people, as you said.

Re:Gamma Group - For All Your Fascist E-Needs (0, Flamebait)

Anonymous Coward | more than 2 years ago | (#40773561)

Want to trample activists? Stop dangerous ideologies like Democracy in its tracks? Trust Gamma Group as much as you don't trust your citizens. "We'll help you spy on your people(tm)".

If ever there was a company aching for a PR disaster...

There is plenty of free software out there that does the same job, and you guys don't get all worked up about shit like Back Orifice. This "news" is just some emails showing up with a new flavor of eavesdropping software attached.

Tell me you were _honestly_ concerned about the prospect of "bad people" using these old hat tools.

Re:Gamma Group - For All Your Fascist E-Needs (1)

Yvanhoe (564877) | more than 2 years ago | (#40775309)

For all the rest, there is SSL, Tor and GPG. Use them if you are a political activist or a journalist talking to them. It is important. There has been a recent clash in France between Telecomix and AFP when an interview was published, explaining that the journalist has interviewed an opponent through Skype.

Re:Gamma Group - For All Your Fascist E-Needs (0)

Anonymous Coward | more than 2 years ago | (#40777011)

How exactly would Tor, SSL, or GPG prevent a keylogger and arbitrary code execution exploits from working?

Re:Gamma Group - For All Your Fascist E-Needs (1)

Yvanhoe (564877) | more than 2 years ago | (#40781237)

How exactly would NASA solve the malaria pandemic ?


Moving to other platforms? (4, Interesting)

mlts (1038732) | more than 2 years ago | (#40769851)

With all the malware tools becoming available for Windows and Mac, perhaps Linux, I wonder if this will encourage people to move to lesser known platforms that would function just as well.

Moving to a non-mainstream CPU and OS would stop most malware in its tracks. Making sure that cross-platform items like Java are either not run, or are run in a chrooted, jailed space, perhaps as a different user, might also be the par for the course.

Hmm... time to see where I put the old Indy and see if Chromium or Firefox would port to IRIX without some substantial effort or rewriting... Barring that, there are always some old POWER5 boxes on eBay with graphical consoles, as well as SPARC boxes.

Maybe it is time to go back to the days of Solaris for being on the Internet.

Re:Moving to other platforms? (-1)

Anonymous Coward | more than 2 years ago | (#40769891)

Why do you presume that would stop anyone other than you being an idiot?

Re:Moving to other platforms? (0)

Anonymous Coward | more than 2 years ago | (#40769991)

I like the cut of your jib, good sir

Re:Moving to other platforms? (4, Informative)

Anonymous Coward | more than 2 years ago | (#40770175)

If you look at these videos there is at least one video which suggests this requires a bit of stupidity on the user's part.

It assumes Microsoft Windows / Mac

1. Insertion of payload to EXE / DMG download (semi assumed although this would be feasible and thus I'm sure how they are doing it)
2. Instant message to blackberry user with link to trojan (spam)
3. They show USB keys being physically inserted (I'd assume this is a non-locked down system and the trojan is opened through autorun, but that doesn't even work in Vista/7, which means user interaction, which if you are physically at the computer this would be easy to hit ok, if there are no screen saver passwords)

Platform based solutions:
1. Don't enable downloading of executable content (limit programs to trusted, vetted, and verifiable sources like repositories)
2. Don't enable downloads of executable content
3. Don't leave the system unattended, ever, and boot from removable media, the system should also be kept secure from adversaries and checked for physical hardware devices that could intercept key strokes

Some other things:
4. Disable scripting (libre office macros, adobe flash, PDF reader, browsers, etc)
5. Use publicly verifiable encryption software (this excludes truecrypt as the source code is not easily vetted even though it's available, a public CVS is needed)
6. NOT SKYPE! Anything but Skype. I mean. Really. Are you stupid? There are some alternative options. GPG email / instant messaging is probably ideal with limited protocols (personal jabber server, NOT GTalk, MSN, AIM, etc).
7. Don't leave the data unencrypted and don't utilise third party systems (at least not repeatedly- you can easily attack a user by simply monitoring them and then infecting the systems they use even if in Internet cafes, how many Internet cafes do you have in your area? chances are you end up using one of a dozen at the most, all easily infected)

Re:Moving to other platforms? (1)

jonfr (888673) | more than 2 years ago | (#40770777)

Secure boot would be re-writable cd-rom or dvd. But with the swap and data on the hard drive. It allows for two things. Secure boot and no loss of data. It would also be smart to move away from Linux to FreeBSD, NetBSD, OpenBSD or something of that nature. As Linux is well known today and has possibility of exploits.

Re:Moving to other platforms? (0)

Anonymous Coward | more than 2 years ago | (#40772453)

Ages ago before Linux and Free/Net/OpenBSD, there were a lot of UNIX variants for x86. Dell had a UNIX from the SVR4 kernel, QNX was in the market. At the time, the most popular BSD with source was Mt. Xinu and BSD386 (not 386BSD from Jolitz.)

I wonder if QNX is still being maintained as a full OS product and not just the realtime kernel. If not, a BSD is probably the best balance between a modern OS versus being obscure enough to foil the blackhats.

Re:Moving to other platforms? (0)

Anonymous Coward | more than 2 years ago | (#40770519)

You will be disappointed with either the performance or the electricity bill.
BTW do you remember the "one exploit a week for Irix" series on bugtraq?
Sure, a malware might not be able to penetrate an Irix box, but any script kiddie could.

The only reasonable-looking alternative would be to get a (or two) handful of some not-too-mainstream processors (those mipsen used in wifi routers come to mind), and build your own smp box with linux. Iff you can solder a some-hundred ball package.

Re:Moving to other platforms? (1)

budgenator (254554) | more than 2 years ago | (#40771379)

You're assuming that Chromium or Firefox is as secure as most of us hope; Lynx should be pretty secure. [wikipedia.org]

Re:Moving to other platforms? (1)

aaaaaaargh! (1150173) | more than 2 years ago | (#40774397)

Companies like Gamma Group are selling this software at exorbitant prices under defense contracts. They offer to infect about any (non-hardened, non-military) system and any telephone in existence, and for the money they get they can easily hold that promise.

So, no, switching to a lesser known system will not help much. Perhaps it will make a few people curse and delay the whole spying attempt for a few months, but not much more.

All the more reason ... (1)

ackthpt (218170) | more than 2 years ago | (#40769887)

To leave Win world as soon as possible.

Re:All the more reason ... (1)

Lunix Nutcase (1092239) | more than 2 years ago | (#40769915)

Because malware can't be written for OS X or Linux?

Re:All the more reason ... (1)

Anonymous Coward | more than 2 years ago | (#40770115)

They'd generally have to get the malware into the Linux repos, which isn't totally impossible, but it is a rather large barrier. It reduces the malware footprint of the Linux ecosystem to a tiny fraction of what it might be otherwise.

Generally you're pretty safe if you:

(1) Don't follow the "run all scripts from anybody!" idiots
(2) Only install software from trusted repos.

Sure, someone could break in and physically install it on your machine, but that's not going to be happening to the vast majority. You pretty much have to have an outstanding criminal investigation against you or something before that will happen in most countries.

So yeah, Linux does protect you for the most part. So would BSD. Of course, this being /., someone will utterly miss the point by observing that this isn't 100% proof against malware, only 99.999%, and should therefore be considered useless, because as we all know, there is only black and white, and 99.999% white is therefore the same as black.

Want to defeat FinFisher? (1)

Gordonjcp (186804) | more than 2 years ago | (#40769889)

Install Linux. Better yet, install Arch Linux, because all the packaged libraries will be way too new for it to have a hope in hell of ever working.

Get over it (1)

ozduo (2043408) | more than 2 years ago | (#40769943)

it's no worse than selling guns or uranium, it is not the product's fault it is the end user.

I don't know who I'm more afraid of (3, Insightful)

cultiv8 (1660093) | more than 2 years ago | (#40770019)

what the NSA is doing [rt.com] or unbridled capitalism.

Linux client? (0)

Anonymous Coward | more than 2 years ago | (#40770119)

Let me know when this thing runs on linux...

Government Sales (2)

hoggoth (414195) | more than 2 years ago | (#40770133)

"The statement addressed the documents found in Cairo, which priced the system at 388,604 euros ($470,000), including maintenance. "

Gotta love selling to governments. Spector-Pro eBlaster costs about $100 and does the same thing.

Software company sells software (2)

houghi (78078) | more than 2 years ago | (#40770141)

What is the news in this? Remember: Guns don't kill people, people do. Software does not spy on people, people do.

I think nobody here is impressed that you can control a device in another country, as the majority here will be aware what the Intertubes are. The times of people wondering how you opened the CD tray on a remote machine are well past us.

I would rather see how they do it to be not found out by anti-virus programs and what we can do now to detect if we (well, those who might be at risk) are infected or not.

Re:Software company sells software (1)

John Hasler (414242) | more than 2 years ago | (#40770653)

I would rather see how they do it to be not found out by anti-virus programs and what we can do now to detect if we (well, those who might be at risk) are infected or not.

Well, once it is properly "regulated" as the article suggests is necessary the antivirus vendors will be prohibited from warning users about licensed spyware as it will only be used in authorized police investigations.

Re:Software company sells software (0)

Anonymous Coward | more than 2 years ago | (#40771163)

What makes you think that "anti-virus" software will work against government sponsored mal-ware? Or to ask another question, are you so foolish you don't think the government requires backdoors in many major pieces of software? Skype... for instance. Which government, and which software is probably mainly a regional thing. But we already know that network equipment coming out of certain asian countries comes pre-compromised AND includes 'secret' back doors.
 
You are more than welcome to operate under the principle that YOUR government would never do that. However, MY government has been KNOWN to be doing that for a long time now. So has China's, Iran's and I'm sure dozens of others. If you didn't roll the crypto, it's not safe. Period.

Who on earth (2)

Dainsanefh (2009638) | more than 2 years ago | (#40770177)

don't know how to put an electrical tape over their webcam already? Remove it only when you use it!

What about the microphones? (1)

knorthern knight (513660) | more than 2 years ago | (#40770589)

What about laptop built-in microphones that come bundled with the cameras?

Re:What about the microphones? (1)

John Hasler (414242) | more than 2 years ago | (#40771663)

What about laptop built-in microphones that come bundled with the cameras?

They'll enable that feature for an extra $80,000.

Question for the security pros (1)

HangingChad (677530) | more than 2 years ago | (#40770195)

Does the FinFisher software work across all platforms? Windows, Mac and Linux?

Whenever I hear about spyware like FinFisher, I have what is perhaps a false sense of security that it's really talking about Windows.

"...unregulated trade..." (2)

John Hasler (414242) | more than 2 years ago | (#40770485)

Oooh. People doing things without permission. Oooh. This must be stopped! Only the Authorities should have access to this sort of thing (because you know we can trust them).

From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed.

If it is installed on your computer.

Re:"...unregulated trade..." (1)

s.petry (762400) | more than 2 years ago | (#40771335)

Oooh. People doing things without permission. Oooh. This must be stopped! Only the Authorities should have access to this sort of thing (because you know we can trust them).

From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed.

If it is installed on your computer.

It was "the Authorities" that had access and used it to spy on citizens, read TFA.

To your second point, do you really believe that they have no way of brute forcing a hunk of Spyware on to any Windows PC? I think you missed the articles last month where MS key stores were not the only thing at issue with Flame and Stuxnet, it was that the Government had agents working inside MS. A dollar says they have more than 1 "oh shit" back door on any MS PC, if not something permanently installed that they can do the same thing at the flip of a switch.

Re:"...unregulated trade..." (1)

John Hasler (414242) | more than 2 years ago | (#40771651)

It was "the Authorities" that had access and used it to spy on citizens...

No shit. And do you really think that the UK authorities would have denied the company a license to sell the software to the Egyptian authorities? Remember, they were our allies in the War On Terror.

To your second point...

Which is that this is just another bit of malware, different from the usual kind only in that it is "legit", commercial, and very expensive.

...do you really believe that they have no way of brute forcing a hunk of Spyware on to any Windows PC?

It's Windows. "Brute force" may be too strong a term. Maybe "gentle push"?

Re:"...unregulated trade..." (1)

s.petry (762400) | more than 2 years ago | (#40773525)

The sarcasm in your post was obviously.. not obvious. Seems like we are thinking at least very similar.

Carrier IQ (0)

Anonymous Coward | more than 2 years ago | (#40772985)

They should have said it was for 'Quality Control', then denied it can personally identify anyone, then admit that it can, but doesn't snoop on keys, then admit it can snoop on keys but only by accident. Then whine that their legitimate business is being attacked by mad people who don't want to be spied on. (HTC's profits and market share have plummeted BTW, serves them right for installing it).

Really you make a tool to be used, guns DO kill people, even their owners by accident sometimes. If this tool can be used by anyone then how is it different from any other rootkit?

I often wonder why Microsoft doesn't sue these security companies that backdoor its products into the ground. Then I read that they won't confirm Skype doesn't have a backdoor and suddenly it all becomes clear. Pot Kettle Black.

And the solution is (0)

Anonymous Coward | more than 2 years ago | (#40774819)

And the solution is - is to stop using Microsoft Windows ..

"FinFisher, a spyware sold by U.K.-based Gamma Group, can secretly take remote control of a computer, copying files, intercepting Skype calls and logging every keystroke .. From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed".