Search
Homepage
Cloud Backup Cyber Insurance IoT Platforms 3rd Party Maintenance Network Security Modern Application Development Cyber Risk Industry Trends Edge Computing
Spectrum Partner Program Wasabi WatchGuard EPOS HP Inc.
Dell Technologies Hybrid Cloud Learning Center Dell Technologies Server Learning Center Dell Technologies Storage Learning Center Webroot Learning Center Dell Technologies Cloud Learning Center Sophos Cybersecurity Learning Center Disaster Recovery Learning Center Products of the Year Showcase Comcast Business Learning Center BlackBerry Learning Center Symantec Business Security Learning Center
Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom Dell Technologies World Digital Experience 2020 HPE Zone Masergy Zenith Partner Program Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

FinFisher Spyware Designed For Police And Government Apparently Enters The Wild

FinFisher spyware was developed for government and law enforcement, but it seems to have been leaked.

By Ken Presti August 09, 2012, 08:40 PM EDT

"A couple of activists started receiving some emails with attachments that contain executables with the malware," explained Claudio Guarnieri, a security researcher with Rapid7, a Boston-based security company. "It turned out to be sample of the FinFisher toolkit, which is produced and sold by the Gamma Group in the United Kingdom. It's a full-featured trojan that is able to intercept Skype calls, intercept chat and intercept other forms of communication, as well. It can steal documents, take screenshots, take camera shots and send the data to a server. It's basically designed for surveillance by law enforcement and government."

The investigation points to servers and a number of different countries, all of which have reportedly denied use.

[Related: Related: >New Flame/Stuxnet Descendent May be Heavily Weaponized ]

Bloomberg News reports that the managing director of Gamma International has said that his company has not sold FinFisher spyware to Bahrain, and that the company is currently investigating whether the malware samples used in these incidents were stolen demonstration copies or acquired elsewhere.

"We've learned a lot by examining it," added Guarnieri, during an interview with CRN. "It's heavily encrypted and will take some time before we can actually figure it out. But, while we were doing the analysis, we started probing the backend servers. We started finding indicators that would help us fingerprint the server, and we also began to find other servers. Eventually, as we began to publish information about this development, the operators began shutting down their network. So at this point, nothing is accessible, and we expect that they will move to different locations and different servers."

Guarnieri added that the investigation will continue.

"This malware has very limited distribution," he said. "The company tries to limit access to law enforcement and government. So, somehow it slipped out, or somebody who actually bought it used it in a way that it wasn't intended to be used."

PUBLISHED AUG. 9, 2012

Related Topics:
Back to Top

Video

 

trending stories

sponsored resources