Intrusion and surveillance software FinSpy has been found to be in use in 25 countries, including many with dubious human rights records. Researchers from The Citizen Lab found command and control servers for FinSpy — also known as FinFisher — across the globe after beginning analysis on a suspicious email targeting Bahraini activists. The software can capture information such as passwords and audio from Skype calls, which it then sends back to a server.
The FinSpy software is made by Gamma Group International in Munich, Germany, but is sold through a subsidiary in the United Kingdom. The surveillance tool is marketed for law enforcement, but has been used to target opposition groups and activists, something that has drawn concern over the software’s distribution to select governments. As the report notes, an unregulated market for selling surveillance software globally presents significant risks to cyber attack, as US Director of National Intelligence James Clapper discussed yesterday.
Gamma Group claims that what the researchers discovered is not part of its software line, but that one specific instance was in fact a stolen copy of an old version of the product. However, The Citizen Lab calls into question Gamma Group’s claims because of strong links between strains of the software and known FinSpy servers.
Read the Full Article: Source – The Verge