Search
Homepage
EndPoint Security Cloud SASE Platform MSP Automation Solutions Cybersecurity Managed Detection and Response Collaboration & Communications Cyber Protection Remote Workforce SASE & SD-WAN 3rd Party Maintenance 5g for Business Application Integration Cloud Storage Cyber Insurance Cyber Risk Industry Trends
Wasabi Hitachi Vantara Sherweb Vonage EPOS VMware Fujifilm CyberPower Veeam
Trend Micro Learning Center Edge Computing Learning Center Digital Services for Edge Learning Center Microsoft HCI Solutions from Dell Technologies Learning Center Dell Technologies Server Learning Center Dell Technologies Storage Learning Center Webroot Learning Center CRN Showcase Dell Technologies Cloud Learning Center Sophos Cybersecurity Learning Center Partner Program Guide Showcase Channel Chief Showcase Comcast Business Learning Center BlackBerry Learning Center
Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom HPE Zone The Business Continuity Center Masergy Zenith Partner Program Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

FinFisher Spyware Designed For Police And Government Apparently Enters The Wild

FinFisher spyware was developed for government and law enforcement, but it seems to have been leaked.

By Ken Presti August 09, 2012, 08:40 PM EDT

"A couple of activists started receiving some emails with attachments that contain executables with the malware," explained Claudio Guarnieri, a security researcher with Rapid7, a Boston-based security company. "It turned out to be sample of the FinFisher toolkit, which is produced and sold by the Gamma Group in the United Kingdom. It's a full-featured trojan that is able to intercept Skype calls, intercept chat and intercept other forms of communication, as well. It can steal documents, take screenshots, take camera shots and send the data to a server. It's basically designed for surveillance by law enforcement and government."

The investigation points to servers and a number of different countries, all of which have reportedly denied use.

[Related: Related: >New Flame/Stuxnet Descendent May be Heavily Weaponized ]

Bloomberg News reports that the managing director of Gamma International has said that his company has not sold FinFisher spyware to Bahrain, and that the company is currently investigating whether the malware samples used in these incidents were stolen demonstration copies or acquired elsewhere.

"We've learned a lot by examining it," added Guarnieri, during an interview with CRN. "It's heavily encrypted and will take some time before we can actually figure it out. But, while we were doing the analysis, we started probing the backend servers. We started finding indicators that would help us fingerprint the server, and we also began to find other servers. Eventually, as we began to publish information about this development, the operators began shutting down their network. So at this point, nothing is accessible, and we expect that they will move to different locations and different servers."

Guarnieri added that the investigation will continue.

"This malware has very limited distribution," he said. "The company tries to limit access to law enforcement and government. So, somehow it slipped out, or somebody who actually bought it used it in a way that it wasn't intended to be used."

PUBLISHED AUG. 9, 2012

Related Topics:
Back to Top

Video

 

trending stories

sponsored resources