April 30, 2013
The problem is that FinSpy masquerades as FireFox on the PC, according to researchers at The Citizen Lab, a University of Toronto-backed project that investigates technology and human rights. That violates Mozilla’s trademark, the browser-maker said in a statement. “As an open source project trusted by hundreds of millions of people around the world, defending Mozilla’s trademarks from this abuse is vital to our brand, mission and continued success.”
Mozilla says it’s sending the U.K. company that makes FinSpy, Gamma International, a cease-and-desist letter later today “demanding that these practices be stopped immediately.” Gamma International couldn’t immediately be reached for comment. FinFisher is the name of Gamma’s command and control server software that collects the surveillance data. It also makes FinSpy, the spyware that runs on the PC.
Gamma International markets its software as a “remote monitoring” program that government agencies can use to take control of computers and snoop on data and communications. In theory, it could be legitimately used for surveillance efforts by crime fighting agencies, but in practice, it has popped up as a spy tool unleashed against dissident movements operating against repressive regimes.
Citizen Lab researchers have seen it used against dissidents from Bahrain and Ethiopia. And in a new report, set to be released today, they’ve found it in 11 new countries: Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria, and Austria. That brings the total number of countries that have been spotted with FinFisher to 36.
To date, Citizen Lab researchers have found three samples of FinSpy that masquerades as Firefox, including a “demo” version of the spyware according to Morgan Marquis-Boire, a security researcher at the Citizen Lab, who works as a Google Security Engineer. Marquis-Boire says his work at Citizen Lab is independent from his day job at Google.