Monday, 6 May 2013

In Pakistan, PTCL uses FinFisher spyware for monitoring Internet activities

by M Javed Butt
[Cyber Journalist Report]

Pakistan is among the list of countries that have utilized the services of a powerful surveillance spyware for monitoring of online activities by ordinary Internet users.

The spyware, known as FinFisher, is generally marketed through proper law-enforcement channels since official state agencies are their prominent clients. The company's portfolio summarizes the software's purpose as such: The software suite, called "The Remote Monitoring and Deployment Solutions", has the ability to take control of target computers and capture even encrypted data and communications. Using "enhanced remote deployment methods" it can install software on target computers.

The software is installed after the user accepts installation of a fake update to a popular software. Occasionally, various brands of computer programs notify their users of an update and this is exactly from where FinFisher mostly manages to set its foot in. Malware codes for FinFisher have also been detected in emails, as reported by Nicole Perlroth in The New York Times. FinFisher has in the past also exploited the iTunes brand by fooling ordinary users into believing they are doing its upgrade.

Reporters Without Borders has named Gamma International UK Ltd., parent company FinFisher, as one of the five 'Corporate Enemies of the Internet'. Until recently, authorities at Mozilla discovered the spyware had begun exploiting Firefox for its surveillance programmes on request from governments of various countries. Hence, on April 30, 2013, the company announced that they are sending Gamma International a "cease-and-desist" letter for infringement of trademark content.

A new research report has recently been released by Citizen Lab titled 'For Their Eyes Only: The Commercialization of Digital Spying' which provides complete details on the spyware's intrusion techniques and also the countries wherein its servers are hosted.

On page 101 of the report, under 'New Findings in Brief', it is mentioned:

Taken together with our previous research, we can now assert that FinFisher Command & Control servers are currently active, or have been present, in 36 countries. FinFisher Servers Found To Date: Australia, Austria, Bahrain, Bangladesh, Brunei, Bulgaria, Canada, Czech Republic, Estonia, Ethiopia, Germany, Hungary, India, Indonesia, Japan, Latvia, Lithuania, Macedonia, Malaysia, Mexico, Mongolia, Netherlands, Nigeria, Pakistan, Panama, Qatar, Romania, Serbia, Singapore, South Africa, Turkey, Turkmenistan, United Arab Emirates, United Kingdom, United States, Vietnam.
According to data by Citizen Lab, there are two FinFisher Command & Control servers in Pakistan, both of which are operated by the Pakistan Telecommunication Company Ltd (PTCL, for short).

No comments:

Post a Comment