
posted by LaminatorX on Tuesday September 16 2014, @03:52PM
from the free-information dept.

WikiLeaks has released previously unseen copies of weaponised German surveillance malware used by intelligence agencies around the world to spy on journalists, political dissidents and others.

https://wikileaks.org/spyfiles4/index.html

FinFisher (formerly part of the UK based Gamma Group International until late 2013) is a German company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices. FinFisher first came to public attention in December 2011 when WikiLeaks published documents detailing their products and business in the first SpyFiles release.

Since the first SpyFiles release, researchers published reports that identified the presence of FinFisher products in countries around the world and documented its use against journalists, activists and political dissidents.

Julian Assange, WikiLeaks Editor in Chief said:

FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers.

FinFisher Relay and FinSpy Proxy are the components of the FinFisher suite responsible for collecting the data acquired from the infected victims and delivering it to their controllers. It is commonly deployed by FinFisher's customers in strategic points around the world to route the collected data through an anonymizing chain, in order to disguise the identity of its operators and the real location of the final storage, which is instead operated by the FinSpy Master.

Archives:
http://web.archive.org/web/20140915073153/https://wikileaks.org/spyfiles4/index.html
https://archive.today/XRT0p

Related Stories

Spanish Police Arrest Suspected Hackers of Spyware Vendors 8 comments

Spanish police have arrested three people they linked to the hacking of Gamma Group and Hacking Team:

Spanish police have arrested three people over a data breach linked to a series of dramatic intrusions at European spy software companies — feeding speculation that the net has closed on an online Robin Hood figure known as Phineas Fisher.

A spokesman with Mossos d'Esquadra, Catalonia's regional police, said a man was arrested Tuesday in Salamanca on suspicion of breaking into the website of the Mossos labor union, hijacking its Twitter feed and leaking the personal data of more than 5,500 officers in May of last year. Another man and a woman were arrested in Barcelona in connection to the same breach, he said. No more arrests are expected, he added, speaking on condition of anonymity in line with force policy.

May's breach was claimed by Phineas Fisher, who first won notoriety in 2014 for publishing data from Britain's Gamma Group — responsible at the time for spyware known as FinFisher. The hacker cemented their reputation by claiming responsibility for a breach at Italy's Hacking Team in 2015 — a spectacular dump which exposed the inner workings of government espionage campaigns — and appearing as a hand puppet in an unusual interview for a 2016 documentary on cybermercenaries.

Also at Motherboard and The Hill.

Previously: Gamma FinFisher Hacked - 40 GB of Code and Docs Available
WikiLeaks Releases German Surveillance Malware
Italian Security Firm "Hacking Team" Has Been Compromised
Hacking Team Complains That its Leaked Zero-Days Will be Misused
Hacking Team Break-in Explained


  • (Score: 0) by Anonymous Coward on Tuesday September 16 2014, @03:54PM

    by Anonymous Coward on Tuesday September 16 2014, @03:54PM (#94079)

    weaponised surveillance malware

    I want to see that... That is future terminator movie material there...

  • (Score: 3, Interesting) by GreatAuntAnesthesia on Tuesday September 16 2014, @03:59PM

    by GreatAuntAnesthesia (3275) on Tuesday September 16 2014, @03:59PM (#94082) Journal

    ...remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices...

    So now that details of this software are out, will the listed software producers[1] be able to block the particular attacks used? Of course, this will just result in another version of surveillance tools to work around the workarounds, which leads to another round of blocking...

    [1] by which I mean Linux, 'cause let's face it, Microsoft and Apple and the rest aren't going to give a shit about securing their systems against government surveillance

    • (Score: 2) by bob_super on Tuesday September 16 2014, @04:53PM

      by bob_super (1357) on Tuesday September 16 2014, @04:53PM (#94113)

      Yes, I am sure that my phones, which are only 18 months and 3 years old, will get instantly patched by the benevolent carriers, to protect me from all the newly empowered script kiddies.

      I feel a lot safer now than when Iran could spy on my tomato picture.

    • (Score: 3, Interesting) by Nail_Biter on Tuesday September 16 2014, @05:56PM

      by Nail_Biter (4135) on Tuesday September 16 2014, @05:56PM (#94132)

      I doubt the members of the Linux Foundation "give a shit about securing YOUR systems against government surveillance". I'd suspect that many of them profit greatly from it.

      Linux is fast, if security breaks or slows the kernel Linus throws a fit. If you're running ANY binary distro then you don't stand much of a chance against targeted state sponsored malware.

      This is now public. I expect ALL affected software publishers to take action. They don't want a PR nightmare. Most Android users are probably screwed (nothing new here) and iOS, assuming you have a 4s or newer, might be patched with iOS 8.x.

      I'm interested to see how projects like grsecurity and pax hold up to FinFisher and if there are releases for the BSDs.

  • (Score: 3, Insightful) by Anonymous Coward on Tuesday September 16 2014, @04:06PM

    by Anonymous Coward on Tuesday September 16 2014, @04:06PM (#94088)

    > The Merkel government pretends to be concerned about privacy,

    Yes, her shit-fit about being spied on personally really gets my goat.
    Heads of state are as close to a legitimate surveillance target as you can get.
    They have million-dollar budgets to help them maintain their privacy.
    But wholesale, extra-legal spying on the common-man is the kind of thing that eats away at society from the inside - when everyone has to run their actions through a mental checklist of how they might be misconstrued and taken out of context, then self-censorship in everything becomes the norm. And then there is the very real risk of it being used to maintain the political status quo, like the way surveillance on Martin Luther King was used to try to silence him. [lettersofnote.com]
    Fuck her elitism.

    • (Score: 2) by SlimmPickens on Tuesday September 16 2014, @07:16PM

      by SlimmPickens (1056) on Tuesday September 16 2014, @07:16PM (#94173)

      I agree with your sentiment, but it's still good that she/they develop a distaste for surveillance.

      • (Score: 1) by Tanuki64 on Tuesday September 16 2014, @11:34PM

        by Tanuki64 (4712) on Tuesday September 16 2014, @11:34PM (#94306)

        She/they does not. Nothing to develop. She/they always had a distaste to be on the receiving end of surveillance.

        • (Score: 2) by SlimmPickens on Wednesday September 17 2014, @12:37AM

          by SlimmPickens (1056) on Wednesday September 17 2014, @12:37AM (#94320)

          LOL, just binary values is it?

          I suggest that her pre-existing distaste can develop, and that might lead to changing her mind about participating in it.

          • (Score: 0) by Anonymous Coward on Wednesday September 17 2014, @12:43AM

            by Anonymous Coward on Wednesday September 17 2014, @12:43AM (#94322)

            I would like to think so.
            But I am doubtful that she sees it that way.

            The "what's good for the goose is good for the gander" probably won't be her perspective. More like, "I am a world-respected leader you have no reason to spy on me. But all those plebes, they are not so well qualified as to be above suspicion." A sort of privacy-elitism, privacy privilege even. Which people like the mighty buzzard would deny exists, privilege being a phony libtard construct and all.

          • (Score: 1) by Tanuki64 on Wednesday September 17 2014, @12:50AM

            by Tanuki64 (4712) on Wednesday September 17 2014, @12:50AM (#94324)

            Oh sure. It can happen. No law of nature against it. And of course, it is absolutely possible, that Obama has a change of mind and not only pardons Edward Snowden, but thanks him personally for exposing the abuse of power of the intelligence services. Unlikely, but not impossible.

  • (Score: 0) by Anonymous Coward on Tuesday September 16 2014, @04:08PM

    by Anonymous Coward on Tuesday September 16 2014, @04:08PM (#94089)

    So I can now penetrate all the griefer guilds' member accounts and loot their guild banks for rare raid drops?

    • (Score: 0) by Anonymous Coward on Tuesday September 16 2014, @04:22PM

      by Anonymous Coward on Tuesday September 16 2014, @04:22PM (#94098)

      > So I can now penetrate all the griefer guilds' member accounts and loot their guild banks for rare raid drops?

      Just about. [pcgamer.com]

  • (Score: -1, Troll) by lentilsoup on Tuesday September 16 2014, @04:10PM

    by lentilsoup (4717) on Tuesday September 16 2014, @04:10PM (#94092)

    Is "weaponized" malware the same thing as "assault rifle"? In what way does Finfisher differ from Metasploit, or even Backorifice for that matter, for it to be considered "weaponized"?

    -SLAA-
    Join SLAA Today! SLAA (SOY LENTIL ASSOCIATION OF AMERICA) is the first organization which gathers SOY LENTILS from all over America and abroad for one common goal - eating SOY LENTILS.

    Do you eat SOY?
    Do you eat LENTILS?
    Do you eat SOY LENTILS?

    If you answered "Yes" to any of the above questions, then SLAA (SOY LENTIL ASSOCIATION OF AMERICA) might be exactly what you've been looking for!

    Join SLAA (SOY LENTIL ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time SLAA member.
    SLAA (SOY LENTIL ASSOCIATION OF AMERICA) is the fastest-growing SOY LENTIL community with THOUSANDS of members all over United States of America. You, too, can be a part of SLAA if you join today!

    Why not? It's quick and easy - only 2 simple steps!
    First, you have to obtain a copy of SOYLENT GREEN THE MOVIE and watch it.
    Second, you need to join the official SLAA irc channel #SLAA on sylnt.us, and apply for membership.
    Talk to one of the ops or any of the other members in the channel to sign up today!

    If you are having trouble locating #SLAA, the official SOY LENTIL ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. For the right network, you can connect to irc.sylnt.us or chat.soylentnews.org.

    If you have mod points and would like to support SLAA, please moderate this post up.

    This post brought to you by a proud member of SLAA

    --
    There are no legumes but lentils, and soy is their condiment.
  • (Score: 2) by kaszz on Tuesday September 16 2014, @05:31PM

    by kaszz (4211) on Tuesday September 16 2014, @05:31PM (#94122) Journal

    "FinFisher continues to operate brazenly from Germany"

    How long can they operate before there is some expression of the misery they cause by destruction of the societal trust ..?

    • (Score: 2) by c0lo on Tuesday September 16 2014, @10:39PM

      by c0lo (156) Subscriber Badge on Tuesday September 16 2014, @10:39PM (#94287) Journal

      How long can they operate before there is some expression of the misery they cause by destruction of the societal trust ..?

      You mean more than being hacked [soylentnews.org] about 1 month ago?

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
      • (Score: 2) by kaszz on Thursday September 18 2014, @11:00AM

        by kaszz (4211) on Thursday September 18 2014, @11:00AM (#94907) Journal

        They cause death for others so I guess some won't settle for a mere hack.

  • (Score: 5, Insightful) by mtrycz on Tuesday September 16 2014, @09:00PM

    by mtrycz (60) on Tuesday September 16 2014, @09:00PM (#94228)

    I remember reading about FinFisher, maybe even was here in a previous submission. Nasty stuff, they sell it to foreign police for tracking journalists and shit. Much like the recent story about the mobile malware made for the US police, but sold to anyone for 1k$.

    I'm very positively impressed by them having published copies of the malware. I don't have the time and expertise (although I could get some more of the latter, I can't have more of the former), but I really hope some white hats will have it dissected in reasonable time, so that we can have some improved security soon.

    And speaking of which: why are mobile platforms such a colander, security-wise?

    --
    In capitalist America, ads view YOU!
    • (Score: 2) by c0lo on Tuesday September 16 2014, @10:36PM

      by c0lo (156) Subscriber Badge on Tuesday September 16 2014, @10:36PM (#94284) Journal

      And speaking of which: why are mobile platforms such a colander, security-wise?

      To be worn by Pastafarians in their driving licence photo?

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
  • (Score: 2) by hankwang on Wednesday September 17 2014, @06:03AM

    by hankwang (100) on Wednesday September 17 2014, @06:03AM (#94409) Homepage

    So, how is a computer typically compromised with this malware? Are you safe if you don't run unsigned binaries?

    • (Score: 2) by SuperCharlie on Wednesday September 17 2014, @12:13PM

      by SuperCharlie (2939) on Wednesday September 17 2014, @12:13PM (#94500)

      There are likely many vectors starting with hardware exploits. I doubt they would wait around for someone to execute or open something, I would expect some type of push at hardware, OS, or software vulnerabilities.