FinSpy article @ NYTimes

https://www.nytimes.com/2012/08/31/...political-dissidents.html?_r=1&ref=technology

"The software proved to be the stuff of a spy film: it can grab images of computer screens, record Skype chats, turn on cameras and microphones and log keystrokes. The two men said they discovered mobile versions of the spyware customized for all major mobile phones.

But what made the software especially sophisticated was how well it avoided detection. Its creators specifically engineered it to elude antivirus software made by Kaspersky Lab, Symantec, F-Secure and others.

The software has been identified as FinSpy, one of the more elusive spyware tools sold in the growing market of off-the-shelf computer surveillance technologies that give governments a sophisticated plug-in monitoring operation. Research now links it to servers in more than a dozen countries, including Turkmenistan, Brunei and Bahrain, although no government acknowledges using the software for surveillance purposes."

 

I heard about this before, and earlier in the year i tried to locate a copy to test it on my comp against my defences. I doubt very much if it would have succeeded though But it definately would be an interesting exercise

Up 'til now i havn't been able to get a copy, so if anyone has Any info, please PM me with it

 

Take thorough precautions and be extremely careful if you mess with it. Appropriate attire might be a Level A hazmat suit:
http://safespec.dupont.com/safespec/productDetail;jsessionid=.tomcat2?prodId=87

 

FinSpy turning up in dictatorships across the world

Investigating FinSpy: when surveillance spyware gets in the wrong hands

• Please also see from ESET: FinSpy and FinFisher spy on you via your cellphone and PC, for good or evil?. Finfisher and the Ethics of Detection

 

What you mean by this?

 

Have you tried kernelmodeinfo forums?

Oh.. just saw your request. I am interested to get it too.

 

Take thorough precautions and be extremely careful if you mess with it

 

Wrong hands?? That's a joke. Any agency, government, etc with such tools at their disposal will abuse them.

It's quite a game that some of these AV and anti-spyware companies have going. I for one do not accept their claims of detecting official or government malware at face value. Yes, it's great publicity but I don't see any of them detecting spyware/malware originating in their own country, not until most of the others do. It's quite likely that we have only seen the tip of the iceberg and that there's lots more being used that we don't know exists. That said, anyone with politics or activities (legal or otherwise) that could draw this kind of attention would be a fool to rely on AVs, anti-malware, anti-keylogging apps, etc to detect it. If you're in a position that you need to worry about official spyware, a default-permit based security policy will make you an easy target.

 

@ TheWindBringeth

Thanks, i'm fully sheathed

@ aigle

Yeah, it would be nice if we could + funny i expect

 

Government Spyware Seller Gamma International Hacked

 

Using Windows will make you an even easier target.

 

mobile variants...

 

@ Meriadoc

Thanks for the link Looks like they are trying to cover all bases !

*

Plently of other interesting info on there !

Funny thing though regarding the above "supposed" Bypassing of 40 AV's

As shown in the VT link in the following blog.

*

That reversing trick is neat but still needs to run when reversed

 

Hi

Gamma Group is a major actor of the law enforcement market, regularly present at Milipol Exhib/congress
http://en.milipolqatar.com/Show-Mil...GROUP/(sort_by)/az/(limitation)/20/(letter)/G

Listed as a law enforcement "trojan" providers on the UK section of the Wikileaks spymap
http://spyfiles.org/
Like the Hacking Team and its Remote Control System
http://www.hackingteam.it/index.php/remote-control-system

Similar law enforcement trojan was expected in France a few years ago, hopefully vanished with the previous Sarkozy GVT...

With the 11/11 trauma, most democratic countries try to prevent such drama, even by spying every citizen.
But the History, especially 11/11, has shown that technology is not the panacea...
Most law enforcement trojans are totally useless on a Live CD or on a non usual OS (NOT Windows/Linux/Mac)...
In the ground investigation is the key...

rgds

 

Exactly and imho there's nothing sophisticated in this malware atm.

 

Crackdown on sale of UK spyware over fears of misuse by repressive regimes

• Wikipedia now has a dedicated page for FinFisher aka FinSpy

 

KM has the "demo" sample uploaded that makes DNS requests to Gamma and a driver, I think I've seen all the samples talked about here upped to MB's. Search your malware database for file hashes.


KM