Firefox sends FinFisher authors a cease and desist letter

Last summer the New York Times published an article describing FinSpy (part of FinFisher). “The software proved to be the stuff of a spy film: it can grab images of computer screens, record Skype chats, turn on cameras and microphones and log keystrokes... Research now links it to servers in more than a dozen countries, including Turkmenistan, Brunei and Bahrain, although no government acknowledges using the software for surveillance purposes.”

Today Citizen Lab and the Canada Center for Global Security Studies has published a series of reports, gathered together under the overall title For their eyes only. Although not exclusively, it almost entirely discusses the use of Gamma International’s FinFisher. One of the reports describes a Malaysian incident reported in the New York Times last month: Researchers Find 25 Countries Using Surveillance Software. The Malaysian government said that such accusations were ‘false reporting’; but the Citizen Lab report says, “we discovered a booby-trapped document that contained a candidate list for the 5 May 2013 Malaysian General Elections.”

It then adds, “The booby-trapped document embeds a copy of FinSpy that masquerades as legitimate Mozilla Firefox software...” And not for the first time. “Samples from the FinSpy campaign targeting Bahraini activists last year used an assembly manifest that impersonated Mozilla’s Firefox browser.”

Mozilla, unsurprisingly, is annoyed at this abuse of its Firefox brand name. Yesterday it announced, “We’ve sent Gamma a cease and desist letter today demanding that these illegal practices stop immediately.” The illegal practices specified by Mozilla, as described by Citizen Lab, are firstly, “When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as ‘Firefox.exe’,” and secondly, “For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.”

“Not only are these activities illegal,” says Mozilla in a blog posted yesterday, “but we take them seriously because they are deceptive, harm users, cause consumer confusion, and jeopardize Mozilla’s reputation.”

For its part, Citizen Lab concludes its report with, “Technical research in this field has only just begun, but it is already clear that the stakes are high. The proliferation of increasingly powerful commercial surveillance tools has serious implications not just for dissidents and activists, but for all of us, no matter our citizenship.”

What’s hot on Infosecurity Magazine?