UPDATED 05:37 EST / AUGUST 31 2012

NEWS

Bahraini Government Using “Stealth” Malware To Spy On Dissidents

A Google engineer and a computer science student believe that authoritarian government regimes are using special surveillance software designed for criminal investigations to illegally monitor political activists.

The New York Times reports that FinSpy, an elusive espionage tool designed to evade computer security software, is supposedly only sold to governments on the understanding that it’s used exclusively for criminal investigations. But months of investigation by Google employee Morgan Marquis-Boire, and Ph.D. student Bill Marczak, has revealed that the software is also being used by suspect governments for a far more sinister purpose.

The pair claim that they have discovered evidence of the widespread use of FinSpy in countries including Bahrain, Brunei and Turkmenistan, although none of these governments have admitted to using the software.

FinSpy is a frighteningly sophisticated piece of kit. Developed by UK firm Gamma Group, the surveillance tool can grab screenshots from people’s computer screens, turn on cameras and microphones at will, record Skype and other live messenger conversations, log keystrokes, read emails and more, all without the user’s knowledge of its existence.

Meanwhile, its developers have made every effort to ensure the software cannot be detected by mainstream anti-virus programs like Kaspersky, ESET NOD32, Symantec and others. It gets worse too – it’s not only computers that are at risk; WikiLeaks revealed late last year that there’s also a mobile version of the tool that can do exactly the same job on smartphones.

FinSpy first came to public attention back in March of 2011, when protesters who ransacked Egypt’s state security headquarter stumbled across documents that included a proposal from Gamma Group to sell the program to then President Hosni Mubarak’s government for $353,000.

It’s unclear if Mubarak’s government went ahead and bough the software, but the revelation promoted Martin Muench, Managing Director of Gamma Group, to insist in an email to Bloomberg that FinSpy was only sold to governments on the condition that it was used to monitor suspected criminals. Muench added that the software was most often used against terrorists, organized crime gangs, and paedophiles.

But Marquis-Boire and Marczak say they have evidence that some of Gamma Group’s customers are not sticking to the agreement. Last March, the pair agreed to take a closer look at emails sent to three anti-government activists in Bahrain, and were shocked to find that all three were embedded with malware – the FinSpy program – which reported its findings to the same server in Bahrain. None of the three activists being monitored has a criminal record.

Marquis-Boire and Marczak were later asked to investigate further malware samples from other activists and security companies, which suspected they had been targeted by FinSpy. While some of these samples were being reported back to Gamma Group’s servers, a number of them appeared to be actively snooping on dissidents on the behalf of foreign governments.

You can read Marquis-Boire and Marczak’ full findings in the report they posted on CitizenLab.org. In the meantime, anti-government protesters will need to tread very carefully when it comes to opening their emails…


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU