Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Mozilla Delivers Cease and Desist Letter to Spyware Company

The Mozilla Foundation has sent a cease and desist letter to Gamma International, the creators of the FinFisher spyware tool, after the Andover, England-based firm used the Firefox brand to hide FinFisher’s real purpose.

The Mozilla Foundation has sent a cease and desist letter to Gamma International, the creators of the FinFisher spyware tool, after the Andover, England-based firm used the Firefox brand to hide FinFisher’s real purpose.

A new report from Citizen Lab shows that Gamma’s spyware is targeting Malay language speakers, masquerading as a document discussing Malaysia’s upcoming 2013 General Elections. The document, if accessed, will install the spyware that then pretends to be Firefox, by mirroring cloning Mozilla’s code and trademarks.

In a statement, Mozilla executive Alex Fowler said that Mozilla believes “Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content.”

“It’s important to note that the spyware does not affect Firefox itself, either during the installation process or when it is operating covertly on a person’s computer or mobile device. Gamma’s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion.”

In addition to targeting Malay speakers, the FinFisher spyware has also hijacked the Mozilla brand in campaigns targeting pro-democracy activists in Bahrain, and in promotional demos produced by Gamma International. The cease and desist was sent on Tuesday, Gamma has issued no statements on the matter. In the past the company has refused to speak on the record when their IT Intrusion software (FinFisher) makes headlines. FinFisher, pitched to law enforcement and governments alike, has been linked to serious accusations in the past, including aiding oppressive and violent government agencies.

In 2011, documents linking Gamma International (via a proxy listed as Modern Communication Systems) were discovered in offices of the Egyptian State Security Investigations Service (Mabahith Amn al-Dawla).

The SISS, which has been linked to torture, as well as several other human rights violations over the years by both international watchdogs and citizens alike, was given a free trial of FinFisher at a time when the country was first seeing signs of revolt. Given their actions against protesters, including everything from intimidation to murder, the SISS’ usage of Gamma’s spyware touched a nerve in the public – and led to the company’s rocky reputation in the media and security sector.

The Citizens Lab report on Gamma’s “commercial network intrusion malware” is available here

Advertisement. Scroll to continue reading.

“This research is one of the first extended projects to attempt to map out the operation and prevalence of commercial surveillance software… Technical research in this field has only just begun, but it is already clear that the stakes are high,” a post on the report notes. 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...