Monday, September 3, 2012

FinFisher learned to infect smartphones

FinFisher attacking mobile users

Company "Citizen's Lab" has detected a new spy software for mobile devices. According to company representatives, research has shown that the basis for a new spyware program served FinSpy, supplied software FinFisher, created by Gamma Group UK.

It is reported that this version FinSpy runs on almost any modern mobile devices. The victims of this spyware can be as owners of mobile devices based on Android OS and Windows Phone, and the owners of BlackBerry, and even the happy owners of the iPhone and iPad.

This spyware is distributed via text messages and e-mails containing links to download fake system updates or links redirect users to infected sites. Getting on the victim's device, the mobile version FinSpy allows attackers to determine the location of the infected mobile device, as well as track any action by the device, in particular, to intercept and record the talks, emails, and text messages. All the collected information it is sent to a remote server controlled by hackers. They are performed in the background, completely invisible to the user.

Commercial Trojan FinFisher (FinSpy) created by the German company Gamma Group for special services and law enforcement agencies. Sales programs are implemented through the UK subsidiary, Gamma International. Developer accused that he would not hesitate to sell this tool to countries with a dubious reputation.

For example, in July 2012 it was reported that the dictatorship in Bahrain has purchased a system to spy on the opposition, although the company Gamma International denied that the sale of licenses to Bahrain. They say that the Middle Eastern country without permission to use a modified version of the demo FinFisher. Documented fact purchase a five-month license Mubarak regime in Egypt for € 287,000 company also denies.

FinFisher came to the attention of specialists in the past year, but then he infected only desktop operating system. Opportunities FinFisher track calls and GPS-coordinates, record conversations on Skype, record keystrokes, video webcams and audio from a microphone. Server-driven programs are found in Indonesia, Australia, Estonia, Latvia, Czech Republic, Qatar, Ethiopia, Mongolia, the United Arab Emirates and the United States (in the cloud Amazon EC2).

Now Google engineers Morgan Marcus Boyr (Morgan Marquis-Boire) with a colleague conducted a thorough study of the new version FinFisher and found out that now the spyware infects not only desktop PCs but also mobile devices, iOS, Android, RIM, Symbian and Windows Phone 7.

According to the researchers, they were able to prove the connection spyware with the company Gamma Group. The fact is that in a version for Symbian signed certificate of Cyan Engineering, and the domain of the company registered in the name Johnny Geds - the same name as specified in the sales Gamma Group in the supply contract FinSpy to Egypt.

No comments:

Post a Comment