Mozilla moves to stop spyware company from spoofing Firefox
Gamma International disguised its FinSpy program as the web browser, according to a new report
IDG News Service - Mozilla sent a cease-and-desist letter on Tuesday to a European company that created a piece of spyware masquerading itself as the Firefox browser.
The move comes after computer security researchers said Tuesday they discovered that a well-known spyware program called FinSpy was spoofing Firefox. Mozilla was alerted by the researchers, who are with Citizen Lab, a research project that is part of the University of Toronto's Munk School of Global Affairs.
FinSpy is one component in a set of remote interception and intrusion tools called FinFisher, which is made by a subsidiary of U.K-based Gamma Group called Gamma International.
Citizen Lab has done extensive research into FinSpy and found it is being used in a number of countries with poor human rights records and has been used to target activists. It is considered by some to be malicious software.
On Tuesday, Citizen Lab released a summary of its latest findings. FinSpy makes use of Mozilla's trademark and code, wrote researchers Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri and John Scott-Railton.
"The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest," they wrote. "This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists."
Hackers often dress up malicious files to make them appear to be benign, piggybacking on the inherent trust users put into known programs. Appearing to be Firefox makes it more likely potential victims will be duped into installing FinSpy.
Citizen Lab plans to release its latest report, "For Their Eyes Only: The Commercialization of Digital Spying," early Wednesday morning EST, which includes new findings on the proliferation of FinFisher.
The group said it found FinFisher command-and-control servers in 11 new countries: Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria and Austria. The report also summarizes one year of research Citizen Lab has done into the commercial market for offensive intrusion tools developed by Western companies.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!