Saturday, August 23, 2014

Eager to Know the Source Code of FinSpy

FinSpy, in simpler terms, is a GOVERNMENTAL IT INTRUSION AND REMOTE MONITORING SOLUTION. The surveillance software, marketed worldwide to law enforcement agencies as a way to monitor criminals, is widely used by repressive governments to spy on human rights groups. It is currently used in around 25 countries, including the US.

What Does FinSpy Do?
FinSpy is a surveillance tool that infects computers to capture screenshots, log keystrokes, record Skype conversations and activate cameras and microphones. Gamma Group, a British company, makes the software and markets it to law enforcement agencies as a lawful way to monitor criminals.

How It Infects Internet Users:
The surveillance suite is installed after the target accepts installation of a fake update to commonly used software. Code which will install the malware has also been detected in emails. The software, which is designed to evade detection by anti-virus software, has versions which work on mobile phones of all major brands.
A security flaw in Apple’s iTunes allowed unauthorized third parties to use iTunes online update procedures to install unauthorized programs. Gamma International offered presentations to government security officials at security software trade shows where they described how to covertly install the FinFisher spy software on suspects’ computers using iTunes’ update procedures.

Firefox Masquerading
FinFisher is capable of masquerading as other more legitimate programs, such as Mozilla Firefox. On April 30, 2013, Mozilla announced that they had sent Gamma a cease-and-desist letter for trademark infringement. Gamma had created an espionage program that was entitled firefox.exe and even provided a version number and trademark claims to appear to be legitimate Firefox software.
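
A defender can look for this kind of impersonation by comparing what a file claims to be with who actually signed it. The sketch below is an added example, not code from the original post or from FinSpy; the record field names, the sample inventory and the expected signer name "Mozilla Corporation" are assumptions.

```python
import ntpath

# Assumption: genuine Firefox builds carry a valid signature from this signer.
EXPECTED_SIGNER = "mozilla corporation"
BRAND_TOKENS = ("mozilla", "firefox")

# Constructed endpoint inventory records; the field names are hypothetical.
SAMPLE_INVENTORY = [
    {"path": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "company": "Mozilla Corporation", "product": "Firefox",
     "sig_status": "Valid", "signer": "Mozilla Corporation"},
    {"path": r"C:\Users\alice\AppData\Roaming\firefox.exe",
     "company": "Mozilla Corporation", "product": "Firefox",
     "sig_status": "NotSigned", "signer": None},
    {"path": r"C:\Temp\update_helper.exe",
     "company": "Mozilla Corporation", "product": "Firefox",
     "sig_status": "Valid", "signer": "Example Software Ltd"},
    {"path": r"C:\Windows\System32\notepad.exe",
     "company": "Microsoft Corporation", "product": "Windows",
     "sig_status": "Valid", "signer": "Microsoft Windows"},
]

def claims_firefox(rec):
    """Return the ways this file presents itself as Firefox."""
    claims = []
    # ntpath parses Windows paths correctly on any analysis host.
    if ntpath.basename(rec.get("path") or "").lower() == "firefox.exe":
        claims.append("file name")
    for field in ("company", "product"):
        value = (rec.get(field) or "").lower()
        if any(tok in value for tok in BRAND_TOKENS):
            claims.append(field + " metadata")
    return claims

def signed_by_mozilla(rec):
    """True only for a valid signature from the expected signer."""
    return (rec.get("sig_status") == "Valid"
            and (rec.get("signer") or "").strip().lower() == EXPECTED_SIGNER)

def find_masquerades(inventory):
    """Flag files that claim the Firefox identity without the signature."""
    findings = []
    for rec in inventory:
        claims = claims_firefox(rec)
        if claims and not signed_by_mozilla(rec):
            findings.append({"path": rec.get("path"), "claims": claims,
                             "sig_status": rec.get("sig_status"),
                             "signer": rec.get("signer")})
    return findings

if __name__ == "__main__":
    for finding in find_masquerades(SAMPLE_INVENTORY):
        print(finding)
```

The third sample record shows why the file name alone is not enough: a renamed binary that still carries Mozilla version metadata is flagged even though it has a valid signature from another signer.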

Martin J. Muench, a Gamma Group managing director, told The New York Times that FinSpy was used mostly “against pedophiles, terrorists, organized crime, kidnapping and human trafficking.” He declined to disclose which countries had bought the software.
But security researchers say FinSpy is used by governments around the world for broader purposes. Last year, Citizen Lab researchers found that the government in Bahrain had used FinSpy to target activists in that country.

Still interested in exploring the code? Here it is: GitHub. Debug it yourself and explore what it does.
