For years, Gamma Group (today FinFisher) is under fire
because of its spy software FinSpy.
The findings of Reporters Without Borders, Privacy International
and organizations dealing with human rights that
in recent years, the company sold its system
inwigilacyjny not only the German Federal Office
Kryminalnemu (BKA), but also a totalitarian countries
and applying torture .
Now the hacker attack unearthed secret documents,
which cast a nasty suspicion: Is vendors
Gamma cooperate with anti-virus? Computer World takes
lead.
Hacker provides transparency
pebbles, which caused an avalanche, was an attack on a web server
Gamma at the beginning of August. Hacker hiding under a pseudonym
“Phineas Fisher” stole secret documents of the company, published it on
Twitter and handed WikiLeaks website.
(Click image to enlarge it)
Published documents are striking. The materials
published by Wikileaks as Spyfiles4 is a list
customers, and its countries like Bahrain, Qatar,
Mongolia, Pakistan, Singapore and Vietnam . Gamma
previously denied the supplied software
spyware to countries where it is alleged rights violations
man. The Munich branch of the company is not responsible for
PC World editors question.
“You can also read relationship with the world’s most important conference
DEF CON 22 hacker
In the case of lying on the Gulf of Bahrain documents
Wikileaks reveal unpleasant details: table provides
of detailed information about opponents of the government spying
on the Gulf monarchies, calculated under surveillance equipment
and shows the operation of spyware. Bahrain, according to the
organizations dealing with the protection of human rights is a country
employing torture . And according to the arrangements of
Watch Bahrain FinSpy being followed by the opposition in the country
Persian Gulf are actually in custody.
WikiLeaks next secret documents
Gamma also published FinSpy spy program. Above
shows the control panel will spy software.
Spyfiles4 raises a lot of nasty suspicion
In the shared package was also Wikileaks
Test table dated 4 April 2014. It cites
all popular antivirus programs in the world
and document the tests for detection of spyware Trojan
Gamma. Scary – according to the table, in the current
time, only one security program is able to detect
Gamma Trojan This raises the question: Are the programs are not
just effective enough to recognize FinSpy? Or maybe
are deliberately blind because antivirus vendors
cooperate with spyware companies such as Gamma?
Maik Morgenstern, CTO AV-Test: “Gamma
optimizes spy programs until the software
Safety will not be able to detect them! “
Computer World FinSpy checks
Computer World decided to check out this heavy suspicion.
Editors Security Centre lucky, because a hacker Phineas
Fisher is dispersed in mid-September and Wikileaks
FinSpy Trojan released version! Computer World immediately
into action and analyzed the software together
with independent experts from AV-Test.
The result: the analysis of the code shows that it is actually
about the “state of the Trojan”. His potential inwigilacyjny
is scary . The program connects to the camera
and microphones infected devices and creates screenshots
OSD. FinSpy keyboard entries and read this
it can capture passwords. Sends the recordings of the conversations
Skype and chat to secret server, it can be deleted,
change, and download files and smuggle to
the infected machine’s own figures. Trojan can even
restore deleted files.
FinSpy in recognition test
From the World Computer analysis shows one thing, that the discovery
WikiLeaks is not the current generation of Trojan, but his version
four years ago. It also contains some modules.
Missing for example, the function by which administered FinSpy
security software against a harmless program
thereby preventing the unmasking. Despite this
Computer World AV checks with experts from Magdeburg, or
popular antivirus programs detect spy
software.
As expected, the test antivirus software with
old pest has not brought a surprise. Only
four relatively little-known manufacturers – Command, F-Prot,
QuickHeal and Total Defense – did not know FinSpy .
All other recognize it by analyzing the code (heuristics)
or by “APB virus” (signature).
Alarm canceled? Not at all! The information Edward Snowden
that the NSA which invests millions of dollars in development
Trojans. It is doubtful that the US software vendors
protection must be detected. German manufacturers are lighter.
G-Data spokesman Thorsten Urbanski says plaintext that the company
had no inquiries from Gamma or state authorities. –
If you try to influence us, given our clear
refusal – says Urbanski. Computer World finger on the pulse.
When they float FinSpy new variants, will also be tested.
We promise!
“Read also: Chinese do not want Kaspersky and
Symantec. We know why!
Photo: alphaspirit / 123rf.com
No comments:
Post a Comment