U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

Disclosed 40 GB of data of FinFisher government spyware related to alleged Gamma hack

A Hacker claims to have hacked the network of Gamma International firm and he has leaked docs related to the malware-for-government FinFisher. Earlier this week the British company Gamma International appears to have been hacked and a collection of files from its systems have been leaked on the Internet. The security firm is popular because it […]

Disclosed 40 GB of data of FinFisher government spyware related to alleged Gamma hack

A Hacker claims to have hacked the network of Gamma International firm and he has leaked docs related to the malware-for-government FinFisher.

Earlier this week the British company Gamma International appears to have been hacked and a collection of files from its systems have been leaked on the Internet. The security firm is popular because it designs spyware applications for law enforcement agencies and government entities, its most popular solution is FinFisher, a spyware that is able to secretly spy on target computers intercepting communications, recording every keystroke and taking the complete control of the host.
The news of the clamorous hack was spread via Twitter and Reddit, the hacker who has posted it claims to have successfully infiltrated the network Gamma Internationa and has exposed 40GB of internal data which includes details on the diffusion of the surveillance system FinFisher.

“And that’s the end of the story until a couple days ago when I hacked in and made off with 40GB of data from Gamma’s networks. I have hard proof they knew they were selling (and still are) to people using their software to attack Bahraini activists, along with a whole lot of other stuff in that 40GB Here’s a torrent of all the data. Please download and seed. Here’s a twitter feed where I’m posting some of the interesting stuff I find in there, starting off slow to build up rather than just publish all the worst shit at once.

I assumed the hacking would be the hard part and once I got the data it would just kinda go viral on it’s own or something. But it turn’s out without any media access or idea how that shit works, getting people to notice or care is actually kind of hard. Please share and seed the torrent!” is reported on the reddit post Gamma International Leaked.

The leaked documents include the source code of the Web Finfly solution, client lists, price lists, information about the effectiveness of Finfisher malware, user guide, tutorials and support documentation and many other documents.
The Register revealed that the cost for  the FinSpy solution is  1.4 million Euros, the price list details a lot of optional services offered by Gamma for FinFisher.

“A price list, which appeared to be a customers’ record, revealed the FinSpy program cost 1.4 million Euros and a variety of penetration testing training services priced at 27,000 Euros each. The document did not contain a date but it did show prices for malware targeting the recent iOS version 7 platform. Support costs ranged from 2218 Euros for USB malware support to 331,840 for fifth year support for FinSpy.” reports the Register.

finfisher Gamma solution slide
The hacker has initially released the full package on Dropbox as a torrent file, in a short time it was spread on the Internet and several Tweets sent by security experts were referring with caution the event.
One of the documents, titled “FinFisher Products Extended Antivirus Test” and dated April 2014, provides an analysis of avoidance capabilities of FinFisher, listing the antivirus detection rates. FinFisher is able to elude the monitoring of principal 35 anti-virus products, evaluation that recognize the product ad very efficient surveillance tool.
The file dump includes many other characteristics of FinFisher, its rootkit component is able to avoid Microsoft Security Essentials but OS X Skype detect the presence of the malware showing a recording prompt to the victim.
According the document FinFisher is not able to spy on communications of Window 8 users, the dump reveals users should opt for the Metro version of Skype rather than the desktop client because it cannot be monitored by the spyware.
The leaked file includes a fake Adobe Flash Player updater, a Firefox plugin for RealPlayer and a detailed documentation for WhatsApp eavesdripping.

price list, which appeared to be a customers’ record, revealed the FinSpy program cost 1.4 million Euros and a variety of penetration testing training services priced at 27,000 Euros each,” the Reg. reported. “The document did not contain a date but it did show prices for malware targeting the recent iOS version 7 platform.”

Stay Tuned for more detailed info!

Pierluigi Paganini

(Security Affairs –  FinFisher, spyware)