FinFisher, an addition to the mass surveillance club.<br><br><b>Authors:</b> Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri, and John Scott-Railton.<br>(Citizenlab.org)<br><h3>Summary of Key Findings</h3>
<ul><li>We have found command and control servers for FinSpy backdoors, part
 of Gamma International’s FinFisher “remote monitoring solution,” in a 
total of 25 countries: Australia, Bahrain, Bangladesh, Brunei, Canada, 
Czech Republic, Estonia, Ethiopia, Germany, India, Indonesia, Japan, 
Latvia, Malaysia, Mexico, Mongolia, Netherlands, Qatar, Serbia, 
Singapore, Turkmenistan, United Arab Emirates, United Kingdom, United 
States, Vietnam.</li></ul>
<ul><li>A FinSpy campaign in Ethiopia uses pictures of Ginbot 7, an 
Ethiopian opposition group, as bait to infect users. This continues the 
theme of FinSpy deployments with strong indications of 
politically-motivated targeting.</li></ul>
<ul><li>There is strong evidence of a Vietnamese FinSpy Mobile Campaign. We 
found an Android FinSpy Mobile sample in the wild with a command & 
control server in Vietnam that also exfiltrates text messages to a local
 phone number.</li></ul>
<ul><li>These findings call into question claims by Gamma International that previously reported servers were <i>not</i> part of their product line, and that previously discovered copies of their software were either stolen or demo copies.</li>



</ul><br><a href="https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/" target="_blank">https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/</a><br><a href="http://surveillance.rsf.org/en/gamma-international/" target="_blank">http://surveillance.rsf.org/en/gamma-international/</a><br>


<a href="http://en.wikipedia.org/wiki/FinFisher" target="_blank">http://en.wikipedia.org/wiki/FinFisher</a><br><a href="https://www.f-secure.com/weblog/archives/00002114.html" target="_blank">https://www.f-secure.com/weblog/archives/00002114.html</a><br>


<a href="http://www.f-secure.com/weblog/archives/finfisher.pdf" target="_blank">http://www.f-secure.com/weblog/archives/finfisher.pdf</a>   (in arabic)<br><br><br><br><br><br><br><br><a href="https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global-proliferation-2/" target="_blank"></a><br>


<p><br></p><br><br><div class="gmail_quote">On Tue, Mar 5, 2013 at 7:07 AM, Louis Pouzin (well) <span dir="ltr"><<a href="mailto:pouzin@well.com" target="_blank">pouzin@well.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">A shopping list of active providers:<br><br><a href="http://www.salon.com/2013/01/31/meet_the_contractors_turning_americas_police_into_a_paramilitary_force/?source=newsletter&utm_source=contactology&utm_medium=email&utm_campaign=Salon_Daily%20Newsletter%20%28Premium%29_7_30_110" target="_blank">http://www.salon.com/2013/01/31/meet_the_contractors_turning_americas_police_into_a_paramilitary_force/?source=newsletter&utm_source=contactology&utm_medium=email&utm_campaign=Salon_Daily%20Newsletter%20%28Premium%29_7_30_110</a><br>




<br>In addition to well known big names, ATT, Boeing, Facebook, Google, NSA, etc.<br>Creeping police State.<br><br><br><br>
</blockquote></div><br>