SpyFiles 4

Today, 15 September 2014, WikiLeaks releases previously unseen copies of weaponised German surveillance malware used by intelligence agencies around the world to spy on journalists, political dissidents and others.

FinFisher (formerly part of the UK based Gamma Group International until late 2013) is a German company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices. FinFisher first came to public attention in December 2011 when WikiLeaks published documents detailing their products and business in the first SpyFiles release.

Since the first SpyFiles release, researchers published reports that identified the presence of FinFisher products in countries around the world and documented its use against journalists, activists and political dissidents.

Julian Assange, WikiLeaks Editor in Chief said: "FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

FinFisher Relay and FinSpy Proxy are the components of the FinFisher suite responsible for collecting the data acquired from the infected victims and delivering it to their controllers. It is commonly deployed by FinFisher's customers in strategic points around the world to route the collected data through an anonymizing chain, in order to disguise the identity of its operators and the real location of the final storage, which is instead operated by the FinSpy Master.

WikiLeaks is also publishing previously unreleased copies of the FinFisher FinSpy PC spyware for Windows. This software is designed to be covertly installed on a Windows computer and silently intercept files and communications, such as Skype calls, emails, video and audio through the webcam and microphone (you can find more details on FinSpy in the first SpyFiles release). In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is "infected"). They are weaponised malware, so handle carefully.

[all data links at WikiLeaks - SpyFiles 4]

In order to challenge the secrecy and the lack of accountability of the surveillance industry, analyzing the internals of this software could allow security and privacy researchers to develop new fingerprints and detection techniques, identify more countries currently using the FinFisher spyware and uncover human rights abuses.

________________________________________

Read more:
SpyFiles 4 - Wikileaks releases FinFisher data

IBM Blockchain, Andreas #39;s New Job, Bangladesh No, Scotland Yes, WikiLeaks Assange and Bitcoin
Sponsor MadBitcoins! $25 an episode! Cheap: http://www.madbitcoins.com/p/sponsorship.html Join the MadBitcoins Patreon for behind the scenes content! Subscri...

By: MadBitcoins

Continue reading here:
IBM Blockchain, Andreas's New Job, Bangladesh No, Scotland Yes, WikiLeaks Assange and Bitcoin - Video

Wikileaks: #39;Weaponised malware #39; hacking software spying on us - Truthloader
Wikileaks latest report was published earlier this week telling us of #39;weaponised malware #39; that #39;s been used by governments worldwide to pry in on our passwords, bank details, messages...

By: Truthloader

Read more from the original source:
Wikileaks: 'Weaponised malware' hacking software spying on us - Truthloader - Video

John E. Dunn | Sept. 17, 2014

Berates Germany for allowing makers to operate.

Wikileaks has released what it claims are previously unknown fourth-generation versions of the controversial 'government' FinFisher spyware, lambasting the German Government for allowing it to be sold to "some of the most abusive regimes in the world."

In a media announcement fronted with statements from Ecuadorian embassy refugee and editor in chief Julian Assange himself, Wikileaks offered the files for a number of the spyware's components, including Relay 4.3, Proxy 2.1, and Master 2.1, and zips containing 'weaponised' executables for the Windows FinSpy client used to monitor events such as a Skype conversation.

The organisation said its motivation for releasing the files was to "challenge the secrecy and the lack of accountability of the surveillance industry," a reference to the fact that this malware is legally used by a wide variety of governments, including repressive ones.

"FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world," wrote Assange.

"The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

Releasing files of malware looks more like a publicity stunt than a major help to the security industry, although it's unlikely that many or even any of them would have detected it. That said, even if they now do, the makers of FinFisher can simply produce a new iteration if they haven't already done so.

Also released by Wikileaks is a bundle of mostly old and known documents, including cheap-looking Videos, dull brochures and support details. However, one eye-catching one is a spreadsheet from April 2014 laid out like a perverse antivirus test where almost every single product fails on almost every single count. For these anti-testers, a failure happens when a program detects FinFisher.

This stands to underline how easy it now is to get past more or less any antivirus program going as long as the malware is new enough or the antivirus older. It is in fairness a tough job for security firms. FinFisher isn't like conventional malware in that it is directed against tiny numbers of people spread across the globe. Spotting malware this rare is a task.

Read the rest here:
Wikileaks outs latest FinFisher 'government spyware' that anti-virus can't spot

Summary: The long and sordid story of WikiLeaks takes an astonishingly irresponsible and very dangerous turn.

Sometimes when we seek to understand the impact of a digital scenario, we recast it in meatspace and describe an analogous situation. In seeking to understand the most recent (and probably most epically irresponsible) WikiLeaks posting, the meatspace analogy will come in handy.

Imagine, if you will, that a company located in Germany was doing biological warfare research, possibly under the guidance and using the funding of various allied governments.

As part of their research, the company has produced a strain of virus that's Ebola-dangerous and Ebola-virulent, that might be used by the varied governments to fulfill certain unspecified and undisclosed objectives.

But this time, WikiLeaks didn't just release documents. They posted the actual software.

Now imagine that a group of concerned scientists discovers this research and illegally gets their hands on vials containing the biowarfare agent. Their justification in this theft is the desire to develop a defense against it, in case it is loosed upon an unsuspecting public.

At this point, you might side with the scientists. After all, biological warfare is nasty stuff, and protecting the public from exposure and harm is a laudable goal.

What if the thieves aren't biological scientists? They're violent activists. Similarly disturbed about the activities going on in the biowarfare lab, they also manage to get a sample of the deadly biological agent.

However, instead of securely and safely transporting the deadly biohazard back to a lab for safe and secure analysis leading to an antidote agent, the thieves inexplicably set up a kiosk at a local mall. And instead of securely managing the biohazard, they give out sample vials of the biohazard to anyone who wants one.

Anyone with a brain would immediately call the authorities and insist that this incredibly dangerous behavior be stopped, and that all the loose vials of biological warfare agent be rounded up and secured or destroyed.

The rest is here:
WikiLeaks posts 'weaponized malware' for all to download

WIKILEAKS HAS RELEASED Finfisher "weaponised malware" that it claims is being used by governments around the world to spy on journalists and activists, in order to help developers defend against it.

Finfisher, which was first revealed in Wikileaks documents published in December 2011, can be used to intercept data from Mac OS X, Windows and Linux computers, as well as mobile devices running Android, Blackberry, iOS, Symbian and Windows Phone.

Wikileaks editor in chief Julian Assange said, "Finfisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise.

"Why does the Merkel government continue to protect Finfisher? This full data release will help the technical community build tools to protect people from Finfisher including by tracking down its command and control centers."

In its latest internet splash, Wikileaks has decided to make the weaponised malware available to download, so developers and security researchers can build defences against it. According to Wikileaks, the software is still being used by governments and other organisations across the world to spy on journalists, activists and political dissidents.

"In order to challenge the secrecy and the lack of accountability of the surveillance industry, analyzing the internals of this software could allow security and privacy researchers to develop new fingerprints and detection techniques, identify more countries currently using the Finfisher spyware and uncover human rights abuses," Wikileaks said.

Wikileaks added that Finisher's revenues from sales of its malware to such organisations totals around 50m with its customers including law enforcement and government agencies in Australia, Bahrain, Bangladesh, Belgium, Bosnia & Herzegovina, Estonia, Hungary, Italy, Mongolia, Netherlands, Nigeria, Pakistan, Singapore, Slovakia, South Africa and Vietnam.

Privacy International deputy director Eric King praised Wikileaks' latest move in a statement seen by The Guardian. He said, "These new documents from Wikileaks give us greater insight into how companies like Finfisher and the governments they supply compromise our personal devices, and spy on the most private parts of our lives.

"More transparency is needed to hold companies like Finfisher to account, as well as the governments purchasing such equipment. Without public scrutiny of the surveillance technology industry, activists will continue to be targeted by repressive regimes and the damaging practices of Finfisher will be allowed to continue unabated."

Read the original post:
Wikileaks releases Finfisher malware to help developers defend against it

WikiLeaks founder Julian Assange visited Gawker (or at least, its Web site) on Mondayto answer reader questions about his new book, When Google Met WikiLeaks.

. And while a lot has changed for Gawkers masthead and for Assange himself since he first rose to prominence, it would be remiss not to note Gawkersawkward history with Assange.

At least one Gawker commenter agreed with us:

The link leads here, to a post about Assanges television show.

Especially in the earlier days, there wasa tension for many sites in covering Assange and by extension, WikiLeaks and it was very much visible in the way Gawker chose to approach the subject.

On the one hand, WikiLeaks became famous because it facilitatedthe publication of several important, consequential stories about the security state by providing leaked classified documents to journalists.

On the other hand, WikiLeaks, the organization, has more and more existed as a support structure for the career of the man who founded it a man who is currently holed up in the Ecuadorian embassy in London, avoiding extradition to Sweden on sexual assault charges.

WikiLeaks and its supporters have argued that such criticism is a distraction from its mission.

In the past, Gawker (specifically, former Gawker writer Adrian Chen) has gone hard on the criticism against Assange for those reasons. But that tone has softened a little as his immediate newsworthiness waned.

Below is a recap:

Go here to read the rest:
A brief history of Gawker’s awkward relationship with Gawker guest Julian Assange

Whistleblowing website Wikileaks has released part 4 of its Spyfiles, shedding light on German weaponised malware vendor FinFisher and its suite of products of the same name.

FinFisher used to be part of the UKs Gamma group. As part of the leaks, Wikileaks has released copies of the vendor's invoices and support tickets with many client names unmasked to show the extent of spying.

Mongolia, the recently elected chair of the Freedom Online Coalition, is one of FinFishers larger customers with 16. Its predecessor in the coalition, Estonia, was also one of the largest customers with 37 FinFisher licences.

Many of the clients names remains masked. In many cases the code name is unmasked when the client raises a tech support ticket complete with a description and screenshot of the problem.

For instance, customer 559458B5 was unmasked as Mongolia easily from its support tickets. Indeed one ticket complained to FinFisher that an infected payload aimed at future-mongolia.com was getting blocked. In what may make some breathe a sigh of relief for its show of incompetence, the attacker used his Gmail account, which was of the same name as his FinFisher login name and his real name. Gmail blocks executable payloads from being sent.

On the other hand, customer B206FF8C Singapore, was much more professional - and even raised a support ticket in the wake of the SSL Heartbleed bug to ensure that the FinFisher software and laptops themselves were updated to avoid leaking any information.

Other countries in the region that were identified include Vietnam, Pakistan and Australias New South Wales police.

Wikileaks also released copies of the actual FinFisher software in the hope that security analysts can challenge the secrecy and unaccountability of the company by analysing its internals to come up with detection techniques. New product brochures were also made available for download.

Julian Assange, WikiLeaks Editor in Chief said, "FinFisher continues to operate brazenly from Germany selling weaponized surveillance malware to some of the most abusive regimes in the world.

The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers.

Here is the original post:
Wikileaks unmasks German duplicity with new leak

It would be too much to say that WikiLeaks founder Julian Assange feels optimistic. He's been holed up in the Ecuadorean embassy in London for more than two years now, withcameras and police"a 3 million surveillance operation," he calls itjust meters away.

"There's a sense of inevitability now," Assange saidwhen we asked if his situation mightchange.

Assange: "Thesituation is clarifying politically and legally."

Ars: "I just want to be clear on this pointare you saying you're hopeful you'll be free soon?"

Assange: "I wouldn't say hopeful. I would say it's inevitable. It's inevitable that we will win the diplomatic standoff we're in now."

It's getting late in London, where Assange is doing a barrage of press interviews on the eve his new book, When Google Met Wikileaks(it goes on sale in the US later this week). We called at the agreed upon time, and a man who didn't identify himself answered the number, which was for a Londoncell phone. He saidcall back in five minutes, and onlythen was the phone finally handedto Assange.

We're supposed to focus on thebook.But first, we want to know whatlife trapped in the embassy involveswhere doeshe eat, sleep, do laundry?What isthe roomhe's was in now like?

"For security reasons, I can't tell you which sections of the embassy I utilize," he said. "As to the rest, in a way, it's a perfectly normal situation. In another way, it's one of the most abnormal, unusual situationsthat someone can find themselves in."

Assange usheredWikiLeaks through severalmassive leaks of secret US government reports and a tumultuous relationship with some prominent newspapers. First came the disclosure of hundreds of thousands of military reportsonthe Iraq and Afghanistan conflicts, thena leak of more than 250,000 diplomatic cables from the State Department.

Hesought asylum from Ecuador when he was on theverge of being extraditedto Sweden to face sexual-assault charges in that nation. If he leaves the embassy, he'll be arrested, although it isn't clear where he'll be sent first. It'swidely assumed the US has an ongoing investigation intoAssange over the leaks.

Read more:
Julian Assange on Snowden, disliking Google, and his “inevitable” freedom

Providing a secure and efficient Helpdesk

WikiLeaks is making the controversial FinFisher commercial spyware tool available for download as part of the latest in a series of leaks that have put the operations of the controversial business under the microscope.

FinFisher, which was part of UK-based Gamma Group International until late 2013 before relocating to Germany, develops and sells computer intrusion systems, software exploits and remote monitoring systems that can be used to spy on people using desktops and smartphones.

Multiple platforms (Windows, Mac and Linux) and smartphone OSes (Android, BlackBerry and, yes, iOS) are supported by malware used by police and intelligence agencies around the world to spy on political dissidents, journalists and others.

FinFisher Relay and FinSpy Proxy are the components of the FinFisher suite designed to collect data from infected victims and deliver it to surveillance operators, respectively. WikiLeaks has published both alongside previously unreleased copies of the FinFisher FinSpy PC spyware for Windows. This software is designed to be surreptitiously installed on a Windows computer before being used to silently intercept files and communications, such as Skype calls, emails, video and audio.

A copy of the code for FinSpy Master, which is used to control data collection, has also been published by Julian Assange's whistleblowing site.

WikiLeaks argues that publishing the code will help security researchers to track down more FinFisher control nodes.

Assange, WikiLeaker in chief, said: "FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

Privacy and human rights activists, including WikiLeaks and Citizen Lab, have been documenting FinFisher's business and technology since 2011.

WikiLeaks latest leaks include copies of the vendor's invoices and support tickets, which unmask the names of many of its clients and how much they've paid for the controversial technology. Among the largest customers is Mongolia, which has been recently selected as new chair of the Freedom Online Coalition.

Original post:
Yawn, Wikileaks, we already knew about FinFisher. But these software binaries...