Blog Archives

Archives for May 2013

May 9, 2013 - Comments Off on FinFisher Commercializing Digital Spying – How You can be a Victim?

FinFisher Commercializing Digital Spying – How You can be a Victim?

- Shaikh Rafia

FinFisher is surveillance software by Gamma International UK Ltd marketing the surveillance solutions to government security officials through exploiting security lapses in anti-virus programs. It is basically a spyware suite designed to allow someone to spy on a computer or mobile device. Described by the company as "Governmental IT Intrusion and Remote Monitoring Solutions”, FinFisher has its command and control servers installed in around 36 countries globally, according to a report and analysis by Citizen Lab. Pakistan is one of those countries, and Pakistan Telecommunication Company Ltd (PTCL) owns the network where FinFisher server is found.

The FinSpy malware – tool of FinFisher intrusion kit – was often injected in the potential victims’ machines by sending them malicious email. In the analysis, Citizen Lab found that email addresses which were used to send these emails were on the names of some popular journalist names (in the case of Bahraini activists) and the email shared attachments which looked pertaining to the Bahraini turmoil. On opening the attachments, jpeg files were saved on the victim’s computers which were actually executable files. This sort of access gives the attacker clandestine remote access to the victimized machine with data harvesting and exfiltration capabilities. Commonly, someone tricks you into clicking a file - a picture, word document, etc – which actually hides the FinSpy file and silently affects your machine without you or the Anti-Virus program installed in your machine detecting it.

Citizen Lab found that the data like Skype audio calls, chats, key logger and passwords was accessible to the attacker. FinFisher can even secretly use the microphone or webcam in your computer or Read more

May 3, 2013 - Comments Off on Global Coalition Of NGOs Call To Investigate & Disable FinFisher’s Espionage Equipment in Pakistan

Global Coalition Of NGOs Call To Investigate & Disable FinFisher’s Espionage Equipment in Pakistan

Note: This is a Bolo Bhi & Digital Rights Foundation’s open call for support for national and international human rights organizations against espionage and surveillance in Pakistan.

This statement is pursuant to the Citizen Lab report, “For Their Eyes Only: The Commercialization of Digital Spying,” the report describes the results of 1 year of research into the global market for commercial intrusion and monitoring software. The report included a global mapping of the command and control servers used for FinFisher, a remote intrusion and monitoring product line sold to governments. Pakistan was identified among the countries where FinFisher Command and Control servers have been found.

We are a consortium of NGOs and individuals— ARTICLE 19,  Association For Progressive Communications, Access Now, Bolo Bhi, Centre For Democracy & Technology, Centre For Peace & Development Initiatives, Christopher Parsons,Chunri Chuopaal, Digital Rights Foundation, Electronic Frontier Foundation, Free Press, Global Voices Advocacy, Index On Censorship, Intermedia Pakistan, Individual Land Pakistan, Leila Nechwati,  Privacy International, Reporters Without Borders, Simon Davies (Privacy Surgeon), Institute for Research Advocacy and Development Pakistan,The Centre for Internet and Society, The Internet Democracy Project India, The Foundation for Media Alternatives (FMA),  Nawaat — committed to respecting user privacy and promoting freedom of expression and access to information.

We express our dismay and condemnation over the presence of a FinFisher Command and Control server on a network operated by the Pakistan Telecommunication Read more