FinFisher is a controversial suite of IT surveillance software. FinFisher is marketed and developed by Gamma International and has seen use in military and government surveillance operations. There have been various reports of attacks NGOs and political dissidents involving FinFisher software. Some examples of groups that may be targeted with FinFisher malware include political dissidents in Syria and pro-Tibet activists in China. ESG security researchers urge computer users involved in political activism or in danger from surveillance from a particular government or military entity to protect their computer with strong anti-malware measures and to be extremely careful when browsing the Internet or downloading any kind of content.
The Controversy Surrounding FinFisher and Gamma International
While there are many legitimate applications for FinFisher, especially in law enforcement, there has been controversy in the practices of Gamma International. Licenses for FinFisher software have been found in the offices of the overthrown president of Egypt Hosni Mubarak and malware analysts suspect that various totalitarian regimes around the world use FinFisher to spy on their opponents today. Fortunately, it is not likely that common criminals can gain access to FinFisher software, which is usually observed in government-backed malware attacks, due to this software’s high price tag. The license that the Egyptian government was using cost them an impressive 287,000 Euros! The main controversy surrounding FinFisher is that Gamma International seems to provide counseling on how to use known flaws in third-party programs in order to install FinFisher on victims’ computers. One highly publicized case involving these practices occurred when a security flaw in iTunes that was not patched until 2011 was used to install FinFisher on numerous computers.
What FinFisher Can Do
Due to the nature of their products, Gamma International is not very forthcoming about their software to the general public. However, brochures have been leaked on numerous trustworthy outlets, such as WikiLeaks. Some of the things the people using FinFisher can do include the following:
- FinFisher can be used to break WPA encryption and gain access to wireless networks.
- FinFisher can be used to monitor activity on social network accounts and webmail.
- FinFisher allows remote monitoring of activity on the victim’s computer.
- FinFisher can be used to discover hidden networks and gain access to Bluetooth devices.
- FinFisher can also steal passwords and online account information.
How Can You Detect FinFisher?