The Mozilla Foundation has sent a cease and desist letter to Gamma International, the creators of the FinFisher spyware tool, after the Andover, England-based firm used the Firefox brand to hide FinFisher’s real purpose.
A new report from Citizen Lab shows that Gamma’s spyware is targeting Malay language speakers, masquerading as a document discussing Malaysia’s upcoming 2013 General Elections. The document, if accessed, will install the spyware that then pretends to be Firefox, by mirroring cloning Mozilla’s code and trademarks.
In a statement, Mozilla executive Alex Fowler said that Mozilla believes “Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content.”
“It’s important to note that the spyware does not affect Firefox itself, either during the installation process or when it is operating covertly on a person’s computer or mobile device. Gamma’s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion.”
In addition to targeting Malay speakers, the FinFisher spyware has also hijacked the Mozilla brand in campaigns targeting pro-democracy activists in Bahrain, and in promotional demos produced by Gamma International. The cease and desist was sent on Tuesday, Gamma has issued no statements on the matter. In the past the company has refused to speak on the record when their IT Intrusion software (FinFisher) makes headlines. FinFisher, pitched to law enforcement and governments alike, has been linked to serious accusations in the past, including aiding oppressive and violent government agencies.
In 2011, documents linking Gamma International (via a proxy listed as Modern Communication Systems) were discovered in offices of the Egyptian State Security Investigations Service (Mabahith Amn al-Dawla).
The SISS, which has been linked to torture, as well as several other human rights violations over the years by both international watchdogs and citizens alike, was given a free trial of FinFisher at a time when the country was first seeing signs of revolt. Given their actions against protesters, including everything from intimidation to murder, the SISS’ usage of Gamma’s spyware touched a nerve in the public – and led to the company’s rocky reputation in the media and security sector.
The Citizens Lab report on Gamma’s “commercial network intrusion malware” is available here.
“This research is one of the first extended projects to attempt to map out the operation and prevalence of commercial surveillance software… Technical research in this field has only just begun, but it is already clear that the stakes are high,” a post on the report notes.