SPY!

by dalimun

You Only Click Twice: FinFisher’s Global Proliferation

Summary of Key Findings

  • We have found command and control servers for FinSpy backdoors, part of Gamma International’s FinFisher “remote monitoring solution,” in a total of 25 countries: Australia, Bahrain, Bangladesh, Brunei, Canada, Czech Republic, Estonia, Ethiopia, Germany, India, Indonesia, Japan, Latvia, Malaysia, Mexico, Mongolia, Netherlands, Qatar, Serbia, Singapore, Turkmenistan, United Arab Emirates, United Kingdom, United States, Vietnam.
  • A FinSpy campaign in Ethiopia uses pictures of Ginbot 7, an Ethiopian opposition group, as bait to infect users. This continues the theme of FinSpy deployments with strong indications of politically-motivated targeting.
  • There is strong evidence of a Vietnamese FinSpy Mobile Campaign. We found an Android FinSpy Mobile sample in the wild with a command & control server in Vietnam that also exfiltrates text messages to a local phone number.
  • These findings call into question claims by Gamma International that previously reported servers were not part of their product line, and that previously discovered copies of their software were either stolen or demo copies.

Richard Stallman also has a story about Ubuntu and spyware. *Sometimes I agree with this man, but sometimes I don't. Linus? I have always believed he is a lucky person who sometimes behaves well. This is one of the reasons.

My advice: close the doors and windows of your room, turn off your computer, throw away your mobile phone, get rid of your belongings, and pray that your electric fan is not one of the Transformers!

P.S.: Sorry for making you lose focus while reading this post. Why?
