Wikileaks releases FinFisher files to highlight government malware abuse

assange.si

WikiLeaks has released more information on controversial commercial surveillance tools, criticising the German government for not blocking a “weaponised malware” developer from shipping its code to countries with regimes with poor human rights records.

WikiLeaks’ latest Spy Files publication included some previously unreleased versions of the malware in question, produced by FinFisher, a German firm that used to be part of UK-based Gamma International.

FinFisher can infect Apple OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Phone devices.

The files, originally obtained by a hacker going by the name Phineas Fisher in August, should be used to improve detection systems to protect people’s PCs and mobiles, WikiLeaks said.

The organisation also believes the files will help researchers uncover further human rights abuses related to FinFisher, which can be used to siphon off data from machines and spy on communications, from email to Skype.

According to the leaks, FinFisher customers include law enforcement and government agencies in Australia, Bahrain, Bangladesh, Belgium, Bosnia & Herzegovina, Estonia, Hungary, Italy, Mongolia, Netherlands, Nigeria, Pakistan, Singapore, Slovakia, South Africa and Vietnam.

This backs up data from Citizen Lab, a Toronto-based non-profit that focuses on protecting activists online, which last year released details on apparent use of FinFisher in 25 countries.

The FinFisher suite of spy software was originally brought to light when documents were found in the offices of Egypt’s secret police after former president Hosni Mubarak was deposed.

Since then, activists from Ethiopia and Bahrain, amongst other nations, claimed to have been targeted by governments using FinFisher.

WikiLeaks said Germany should take action to stop the malware spreading. “FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise,” said Julian Assange, WikiLeaks’ editor in chief.

“Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centres.”

Assange’s organisation claimed FinFisher’s revenue from the sales documented in the leak amounted to around €50m (£40m), though Bill Marczak, a researcher from Citizen Lab, suggested this could have been over-estimated.

FinFisher and its previous owner Gamma have previously claimed they only sold their products to responsible governments, though researchers and activists believe the firm has lied about its customer list. It had..

Read more