FinSpy article @ NYTimes

Discussion in 'other security issues & news' started by TheWindBringeth, Aug 31, 2012.

Thread Status:
Not open for further replies.
  1. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,085
    https://www.nytimes.com/2012/08/31/...political-dissidents.html?_r=1&ref=technology

    "The software proved to be the stuff of a spy film: it can grab images of computer screens, record Skype chats, turn on cameras and microphones and log keystrokes. The two men said they discovered mobile versions of the spyware customized for all major mobile phones.

    But what made the software especially sophisticated was how well it avoided detection. Its creators specifically engineered it to elude antivirus software made by Kaspersky Lab, Symantec, F-Secure and others.

    The software has been identified as FinSpy, one of the more elusive spyware tools sold in the growing market of off-the-shelf computer surveillance technologies that give governments a sophisticated plug-in monitoring operation. Research now links it to servers in more than a dozen countries, including Turkmenistan, Brunei and Bahrain, although no government acknowledges using the software for surveillance purposes."
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I heard about this before, and earlier in the year i tried to locate a copy to test it on my comp against my defences. I doubt very much if it would have succeeded though :p But it definately would be an interesting exercise :D

    Up 'til now i havn't been able to get a copy, so if anyone has Any info, please PM me with it ;)
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,085
    Last edited: Sep 2, 2012
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    FinSpy turning up in dictatorships across the world
    Investigating FinSpy: when surveillance spyware gets in the wrong hands
    • Please also see from ESET: FinSpy and FinFisher spy on you via your cellphone and PC, for good or evil?. Finfisher and the Ethics of Detection
     
    Last edited: Sep 1, 2012
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Have you tried kernelmodeinfo forums?

    Oh.. just saw your request. I am interested to get it too.
     
    Last edited: Sep 1, 2012
  7. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,085
    Take thorough precautions and be extremely careful if you mess with it
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Wrong hands?? That's a joke. Any agency, government, etc with such tools at their disposal will abuse them.

    It's quite a game that some of these AV and anti-spyware companies have going. I for one do not accept their claims of detecting official or government malware at face value. Yes, it's great publicity but I don't see any of them detecting spyware/malware originating in their own country, not until most of the others do. It's quite likely that we have only seen the tip of the iceberg and that there's lots more being used that we don't know exists. That said, anyone with politics or activities (legal or otherwise) that could draw this kind of attention would be a fool to rely on AVs, anti-malware, anti-keylogging apps, etc to detect it. If you're in a position that you need to worry about official spyware, a default-permit based security policy will make you an easy target.
     
  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ TheWindBringeth

    Thanks, i'm fully sheathed ;)

    @ aigle

    Yeah, it would be nice if we could + funny i expect ;)
     
  10. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Government Spyware Seller Gamma International Hacked
     
  11. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Using Windows will make you an even easier target.
     
  12. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru

    Attached Files:

  13. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ Meriadoc

    Thanks for the link :thumb: Looks like they are trying to cover all bases !

    *

    Plently of other interesting info on there !

    Funny thing though regarding the above "supposed" Bypassing of 40 AV's o_O

    As shown in the VT link in the following blog.

    *

    That reversing trick is neat :eek: but still needs to run when reversed :p
     
  14. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi

    Gamma Group is a major actor of the law enforcement market, regularly present at Milipol Exhib/congress
    http://en.milipolqatar.com/Show-Mil...GROUP/(sort_by)/az/(limitation)/20/(letter)/G

    Listed as a law enforcement "trojan" providers on the UK section of the Wikileaks spymap
    http://spyfiles.org/
    Like the Hacking Team and its Remote Control System
    http://www.hackingteam.it/index.php/remote-control-system

    Similar law enforcement trojan was expected in France a few years ago, hopefully vanished with the previous Sarkozy GVT...

    With the 11/11 trauma, most democratic countries try to prevent such drama, even by spying every citizen.
    But the History, especially 11/11, has shown that technology is not the panacea...
    Most law enforcement trojans are totally useless on a Live CD or on a non usual OS (NOT Windows/Linux/Mac)...
    In the ground investigation is the key...

    rgds
     
  15. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Exactly and imho there's nothing sophisticated in this malware atm.
     
  16. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Crackdown on sale of UK spyware over fears of misuse by repressive regimes
    • Wikipedia now has a dedicated page for FinFisher aka FinSpy
     
    Last edited: Sep 9, 2012
  17. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    KM has the "demo" sample uploaded that makes DNS requests to Gamma and a driver, I think I've seen all the samples talked about here upped to MB's. Search your malware database for file hashes.


    KM
     
Thread Status:
Not open for further replies.