September 26, 2017
Internet service provider’s involvement in the latest campaign utilizing a new variant of the government spying software FinFisher has been suspected. ISP’s in several countries have reportedly come under suspicion for distributing the malware to local government targets.
FinFisher, which is also known as FinSpy in some places, is a surveillance suite developed by Munich-based Gamma Group. The tool is sold government customers and law enforcement worldwide and is adept in avoiding detection by traditional antivirus software. The malware can be used to monitor communication software such as Skype, eavesdrop on video chats, log calls, view and copy user files, and more. According to Gamma Group, it helps government law enforcement and intelligence agencies identify, locate and convict serious criminals.
According to ESET researchers, the malware has been spread to seven countries at present, in which, two of them have ISP’s are "most likely" working in collaboration with governments to infect targets of interest with the surveillance malware.
“FinFisher has extensive spying capabilities, such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. What sets FinFisher apart from other surveillance tools, however, are the controversies around its deployments. FinFisher is marketed as a law enforcement tool and is believed to have been used also by oppressive regimes,” said the blog post by ESEP.