- Shaikh Rafia

FinFisher is surveillance software by Gamma International UK Ltd marketing the surveillance solutions to government security officials through exploiting security lapses in anti-virus programs. It is basically a spyware suite designed to allow someone to spy on a computer or mobile device. Described by the company as "Governmental IT Intrusion and Remote Monitoring Solutions”, FinFisher has its command and control servers installed in around 36 countries globally, according to a report and analysis by Citizen Lab. Pakistan is one of those countries, and Pakistan Telecommunication Company Ltd (PTCL) owns the network where FinFisher server is found.

The FinSpy malware – tool of FinFisher intrusion kit – was often injected in the potential victims’ machines by sending them malicious email. In the analysis, Citizen Lab found that email addresses which were used to send these emails were on the names of some popular journalist names (in the case of Bahraini activists) and the email shared attachments which looked pertaining to the Bahraini turmoil. On opening the attachments, jpeg files were saved on the victim’s computers which were actually executable files. This sort of access gives the attacker clandestine remote access to the victimized machine with data harvesting and exfiltration capabilities. Commonly, someone tricks you into clicking a file - a picture, word document, etc – which actually hides the FinSpy file and silently affects your machine without you or the Anti-Virus program installed in your machine detecting it.

Citizen Lab found that the data like Skype audio calls, chats, key logger and passwords was accessible to the attacker. FinFisher can even secretly use the microphone or webcam in your computer or Read more