Virus Guy <Virus@Guy.com> wrote in news:4ECC75ED.5B90742@Guy.com:
> Surveillance Company Says It Sent Fake iTunes, Flash Updates
>
> http://blogs.wsj.com/digits/2011/11/...-says-it-sent-
> fake-itunes-flash-updates-documents-show/
>
> Gamma International UK Ltd. touts its ability to send a “fake iTunes
> update” that can infect computers with surveillance software, according
> to one of the company’s marketing videos.
>
> The Wall Street Journal unveiled on Saturday the “Surveillance Catalog”
> – an online database containing highlights from surveillance industry
> marketing documents. The documents show dozens of companies making and
> selling everything from “massive intercept” gear that can gather all
> Internet communications in a country to “hacking” tools that allow
> governments to break into people’s computers.
>
> http://projects.wsj.com/surveillance-catalog/
>
> Gamma was one of three companies marketing their skill at the kind of
> techniques usually used in “black hat hacking,” the type of intrusion
> used by criminals trying to steal people’s financial details.
>
> All of the hacking companies say they sell their tools to law
> enforcement and governments to help them track down criminals. People in
> this new industry say their tools are necessary because terrorists and
> criminals are communicating online and hiding behind encryption and
> other techniques.
>
> Perhaps the most extensive marketing materials came from Gamma’s
> FinFisher brand, which says it works by “sending fake software updates
> for popular software,” from Apple, Adobe and others. The FinFisher
> documentation included brochures in several languages, as well as videos
> touting the tools.
>
> http://projects.wsj.com/surveillance...arch/FinFisher
>
> Gamma’s FinFisher documents claim its tools can infect files that are
> being downloaded. In particular, the FinFly ISP video says it can send a
> “fake iTunes update” to the computer government agents want to infect.
> The FinFly ISP video file viewed by the Journal was unable to be
> reproduced for the original “Surveillance Catalog,” but the Journal was
> able to obtain several screenshots Monday.
>
> An Apple spokeswoman was quoted in Saturday’s story as saying the
> company works “to find and fix any issues that could compromise [users']
> systems.” Apple last week introduced a security update to iTunes that
> could stop an attack similar to the type FinFisher claimed to be using,
> namely offering bogus software updates that install its spyware. “The
> security and privacy of our users is extremely important,” the Apple
> spokeswoman said.
>
> The FinFisher documents also say that its tool can allow a website to
> pretend that software such as Adobe’s Flash is missing and will prompt
> the user to download the software. Adobe declined to comment.
>
> FinFisher documentation offers several examples of how its software
> might be used – from fighting organized crime to terrorism to the more
> vague “targets.” Gamma did not immediately respond to requests for
> comment.
>
> Privacy advocates say they are concerned that such technology is being
> marketed to low-level law enforcement because the more people who have
> access to such “hacking” tools, the less oversight will be possible.
>
> “The use of this technology represents a huge encroachment on civil
> rights and could only be justified during the most serious national
> security investigations,” said Eric King, of the U.K. nonprofit Privacy
> International.
>
> Der Spiegel published a profile of the techniques described in Gamma’s
> FinFisher documents Monday in German.
>
It's mostly social engineering and custom spyware/trojan style programming.
Same ****, different day.
--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts
Reply With Quote