
WikiLeaks Names Customers of Controversial Surveillance Software

WikiLeaks today released new information on FinFisher, and a list of countries that have acquired licenses for the controversial suite of IT surveillance software.

FinFisher, which until October 2013 was sold by the UK-based Gamma Group, is currently maintained by the independent German company FinFisher GmbH. The surveillance solution suite, which is said to be designed to intercept communications on most popular computer platforms, has often been condemned by human rights organizations because it has been sold to various totalitarian regimes around the world that use it to spy on their opponents.

Last month, a hacker claiming to have breached the systems of Gamma leaked a total of 40Gb of files stolen from the organization's networks. By analyzing support requests contained in the leak, WikiLeaks managed to identify several entities that acquired what it calls "weaponised German surveillance malware."

The list of customers includes Slovakia, Mongolia, South Africa, Pakistan, Bahrain, Vietnam, Estonia, Nigeria, Bangladesh, Bosnia and Herzegovina, Italy, Singapore and Belgium. Interestingly, law enforcement agencies in Australia and the Netherlands, as well as Hungary's Secret Service, are also on the list.

In Australia, for instance, the New South Wales (NSW) Police allegedly acquired a total of nine licenses for FinFisher and other surveillance products. A total of 16 licenses were purchased by Mongolia, the country that was named chair of the Freedom Online Coalition in May.

Representatives of the NSW Police told SecurityWeek that "it's not appropriate to comment" given that the technology in question relates to operational capability.

WikiLeaks has calculated that FinFisher has sold licenses worth roughly €100 million ($129 million). The amount includes licenses marked as "deleted," but it does not include the profit made from the sale of FinFly ISP, a solution that's deployed on the networks of Internet service providers.

"Consider that the FinFly ISP licenses were not taken into account as no price was provided, and that support and training costs were not included in this estimation. Therefore we could realistically expect a higher number," WikiLeaks said.

In addition to the list of customers, WikiLeaks also published videos, brochures, manuals, and even copies of the actual software. The organization hopes that through the analysis of the programs, security and privacy researchers will be able to improve detection, and identify other countries where FinFisher solutions are currently being utilized.

"FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world," said WikiLeaks Editor-in-Chief Julian Assange, who for the past two years has been taking refuge in Ecuador's embassy in London. "The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.