Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
WikiLeaks founder Julian Assange doubts Germany’s commitment to user privacy. Weaponized malware continues to be sold from the country to foreign nations. WikiLeaks’ Spy Files updated in August contain the new versions of the FinFisher weaponized malware. Human rights activists have reported becoming targets of FinFisher. Assange is now calling on Germany to take action to stop the continued onslaught that originates on their soil.
Weaponized Malware Developer FinFisher
FinFisher is spy software produced by German company Lench IT solutions PLC, formerly part of the UK company Gamma International. They are now producing weaponized malware. WikiLeaks reports that the company is selling this weaponized malware to foreign governments and police. Some countries that are purchasing the weaponized malware have records of human rights violations. The worry is that these governments are using the high-grade weaponized malware to attack activists operating within their borders. Lench IT denies that it sells weaponized malware to abusive governments. Researchers say that this is a lie.
FinFisher is labeled as a surveillance tool for commercial purposes. The FinFisher files shared by a hacker known as Phineas Fisher show that the weaponized malware is intended for detection systems and for securing smartphones and computers. But it has broad applications as weaponized malware for targeting just about anyone. The FinFisher weaponized malware has been found to infect Apple, Linux and Windows computers, and also the mobile operating systems Android, BlackBerry, iOS, Symbian and Windows Phone. Recent reports coming in from Bahrain and Ethiopia indicate that the weaponized malware is being used by other governments to attack them.
Weaponized Malware and Human Rights Violations
WikiLeaks says that the FinFisher files can be useful to researchers. It can help source out foreign agencies that are using the weaponized malware to commit human rights violations. The weaponized malware is able to take information from devices and the Internet enabled applications on them. It can therefore also be used to spy on the countries that are using it to spy on others. The countries that have been discovered so far as using the weaponized malware are Bahrain, Nigeria, Australia, Hungary, Singapore, Belgium, Estonia, Vietnam, Netherlands, Italy, South Africa, Pakistan, Bangladesh, Slovakia, Bosnia & Herzegovina, and Mongolia.
Citizen Lab has also done some research on this weaponized malware. The group’s main goal is online protection for human rights activists. They concur with the findings of WikiLeaks, adding their own discoveries from 2013. Toronto-based Citizen Lab said that an earlier version of the FinFisher weaponized malware was employed by 25 countries last year. The attacks were originally uncovered when FinFisher spyware was found on devices operated by the secret police of Egypt.
Germany Must Act
FinFisher weaponized malware is being sold uninhibited from Germany. Assange says that the German government has to do something to stop its spread. Germany claims to care deeply about user data privacy and has gone to extreme lengths to protect it. Its own Chancellor Angela Merkel has been a victim of a serious privacy breach from government surveillance. Yet they allow one of their own companies to facilitate massive privacy violations in other countries. Many of the ruling powers that purchase their weaponized malware are abusive authoritarian regimes. They are known for obsessive crackdowns on free speech that often involve illegal detention and murder.
While waiting for a response from both the Merkel administration and FinFisher makers, security experts are working on a solution. They are using the released FinFisher files to develop tools that people can use to fend of weaponized malware attacks. This includes locating the command and control servers used by the FinFisher spyware suite.