The notorious FinFisher spyware is rising in popularity with government agencies across the world and 32 countries have been identified as users.
FinFisher is a sophisticated spyware suite sold exclusively to government agencies and police forces. The user-friendly software is able to remotely control any computer it infects, copy files, intercept Skype calls and log keystrokes, among other functions.
Developed by Munich-based FinFisher Gamma Group, the software is touted as a way to “help government law enforcement and intelligence agencies identify, locate and convict serious criminals.”
However, a data breach which took place in August last year placed scrutiny on the secretive firm’s business practices and clients. Stolen files placed on the web suggested FinFisher was being used for activities beyond tracking criminals — such as spying upon high-profile Bahraini activists. It is believed that dissidents, law firms, journalists and political opposition in Bahrain and from Ethiopia have also been monitored through FinFisher.
Citizen Lab, an interdisciplinary laboratory based at the University of Toronto, is well-known for research into global security and human rights issues. In a fresh investigation tracking users of the spyware suite, Citizen Lab said 32 countries contain at least one government entity who is “likely” using FinFisher.
“Despite the 2014 FinFisher breach, and subsequent disclosure of sensitive customer data, our scanning has detected more servers in more countries than ever before,” Citizen Lab commented.
The Citizen Lab team devised a way to unravel and query FinFisher proxies to track the true location of the spyware’s master servers despite the use of decoy website pages and redirections.