Wikileaks outs latest FinFisher ‘government spyware’ that anti-virus can’t spot

John E. Dunn | Sept. 17, 2014

Berates Germany for allowing makers to operate.

Wikileaks has released what it claims are previously unknown fourth-generation versions of the controversial 'government' FinFisher spyware, lambasting the German Government for allowing it to be sold to "some of the most abusive regimes in the world."

In a media announcement fronted with statements from Ecuadorian embassy refugee and editor in chief Julian Assange himself, Wikileaks offered the files for a number of the spyware's components, including Relay 4.3, Proxy 2.1, and Master 2.1, and zips containing 'weaponised' executables for the Windows FinSpy client used to monitor events such as a Skype conversation.

The organisation said its motivation for releasing the files was to "challenge the secrecy and the lack of accountability of the surveillance industry," a reference to the fact that this malware is legally used by a wide variety of governments, including repressive ones.

"FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world," wrote Assange.

"The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

Releasing files of malware looks more like a publicity stunt than a major help to the security industry, although it's unlikely that many or even any of them would have detected it. That said, even if they now do, the makers of FinFisher can simply produce a new iteration if they haven't already done so.

Also released by Wikileaks is a bundle of mostly old and known documents, including cheap-looking Videos, dull brochures and support details. However, one eye-catching one is a spreadsheet from April 2014 laid out like a perverse antivirus test where almost every single product fails on almost every single count. For these anti-testers, a failure happens when a program detects FinFisher.

This stands to underline how easy it now is to get past more or less any antivirus program going as long as the malware is new enough or the antivirus older. It is in fairness a tough job for security firms. FinFisher isn't like conventional malware in that it is directed against tiny numbers of people spread across the globe. Spotting malware this rare is a task.

Read the rest here:
Wikileaks outs latest FinFisher 'government spyware' that anti-virus can't spot

Related Posts
This entry was posted in $1$s. Bookmark the permalink.