WikiLeaks Publishes FinFisher Client Countries
Today, WikiLeaks has published the promised portion of secret documents that reveal the list of states whose security and intelligence structures used the services of FinFisher malicious spyware. This list includes Slovakia, Mongolia, Qatar, South Africa, Bahrain, Pakistan, Estonia, Vietnam, Australia, Belgium, Nigeria, Holland, Singapore, Bangladesh, Hungary, Italy, Bosnia and Herzegovina. WikiLeaks also calculated the total value of all licenses that were acquired by the above-listed states. It turned out an impressive amount of more than 47 million euros. So much was spent by the special services of the states on the implementation of cyber espionage operations.
FinFisher itself is distributed through several European firms, and the clients are exclusively state bodies. security or firm closely related to such. The malicious program belongs to the spyware family and is used for spying on users, and the functionality can be expanded at the request of the customer. Malicious code can be used for various purposes, for example, interception of Skype conversations.
')
FinFisher propagation methods are practically the same as those used by common intruders, namely, attachments to phishing messages, fake updates for known software, and automatic installation via exploits. One of the ways that FinFisher spread, which received a great response after the announcement, was to exploit the vulnerability of the update mechanism of the famous Apple iTunes software. When updating iTunes on a PC, FinFisher could be automatically installed.
One of the modifications of FinFisher is detected by ESET AV products as Win32 / Belesak.D .
FinFisher itself is distributed through several European firms, and the clients are exclusively state bodies. security or firm closely related to such. The malicious program belongs to the spyware family and is used for spying on users, and the functionality can be expanded at the request of the customer. Malicious code can be used for various purposes, for example, interception of Skype conversations.
')
FinFisher propagation methods are practically the same as those used by common intruders, namely, attachments to phishing messages, fake updates for known software, and automatic installation via exploits. One of the ways that FinFisher spread, which received a great response after the announcement, was to exploit the vulnerability of the update mechanism of the famous Apple iTunes software. When updating iTunes on a PC, FinFisher could be automatically installed.
One of the modifications of FinFisher is detected by ESET AV products as Win32 / Belesak.D .
Source: https://habr.com/ru/post/236909/
All Articles