September 15, 2014 at 20:49WikiLeaks publishes FinFisher list of client countries
Today, WikiLeaks published the promised portion of classified documents that reveal a list of states whose security and intelligence agencies have used FinFisher malware . This list includes Slovakia, Mongolia, Qatar, South Africa, Bahrain, Pakistan, Estonia, Vietnam, Australia, Belgium, Nigeria, Holland, Singapore, Bangladesh, Hungary, Italy, Bosnia and Herzegovina. WikiLeaks also calculated the total cost of all licenses that were acquired by the above states. It turned out an impressive amount of more than 47 million euros. So much has been spent by special services of states on the implementation of cyber espionage operations.
FinFisher itself is distributed through several European companies, while the clients are exclusively state bodies. security or firms closely related to those. The malware belongs to the spyware family and is used for spying on users, while the functionality can be expanded at the request of the customer. Malicious code can be used for various purposes, such as intercepting Skype conversations.
FinFisher’s distribution methods are practically no different from those used by ordinary attackers, namely, attachments in phishing messages, fake updates for well-known software, and automatic installation through exploits. One of the methods of distributing FinFisher, which received a lot of attention after its release, was to exploit the vulnerability of the update mechanism of the well-known Apple iTunes software. When updating iTunes , FinFisher could be automatically installed on the PC .
One of FinFisher's modifications is detected by ESET AV products as Win32 / Belesak.D .
FinFisher itself is distributed through several European companies, while the clients are exclusively state bodies. security or firms closely related to those. The malware belongs to the spyware family and is used for spying on users, while the functionality can be expanded at the request of the customer. Malicious code can be used for various purposes, such as intercepting Skype conversations.
FinFisher’s distribution methods are practically no different from those used by ordinary attackers, namely, attachments in phishing messages, fake updates for well-known software, and automatic installation through exploits. One of the methods of distributing FinFisher, which received a lot of attention after its release, was to exploit the vulnerability of the update mechanism of the well-known Apple iTunes software. When updating iTunes , FinFisher could be automatically installed on the PC .
One of FinFisher's modifications is detected by ESET AV products as Win32 / Belesak.D .