[LINK] Google engineer finds British spyware on PCs and smartphones

Kim Holburn kim at holburn.net
Mon Sep 3 09:10:02 AEST 2012 

All the articles talk about is it working under windows and just mention casually it works in Linux and MacOS.  Just saying they work in Linux or Mac doesn't cut it.  Those platforms are much harder to infect.  Not saying it's not possible, just saying I would need a lot more proof.  The entry to a unix based system is much more difficult to overcome.


On 2012/Sep/03, at 2:35 AM, Fernando Cassia wrote:

> On Sun, Sep 2, 2012 at 12:46 PM, Fernando Cassia <fcassia at gmail.com> wrote:
>> 
>> https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/
>> 
>> These technical details are very interesting. I have to say, I had no
>> knowledge of a "right to left override" character and that thanks to
>> the windows shell´s good design (sarcasm) it´d allow a exe to
>> maskerade as something else like a .jpg) by flipping the characters in
>> a file name, so that someone.jpg.exe visually becomes someone.exe.jpg.
> 
> A little more about finfisher... Linux not secure at all.
> 
> -----
> "According to CitizenLab's research and WikiLeaks cables, following
> should be the supported features":
> 
>    Bypassing of 40 regularly tested Antivirus Systems
>    Covert Communication with Headquarters
>    Full Skype Monitoring (Calls, Chats, File Transfers, Video, Contact List)
>    Recording of common communication like Email, Chats and Voice-over-IP
>    Live Surveillance through Webcam and Microphone
>    Country Tracing of Target
>    Silent extracting of Files from Hard-Disk
>    Process-based Key-logger for faster analysis
>    Live Remote Forensics on Target System
>    Advanced Filters to record only important information
>    Supports most common Operating Systems (Windows, Mac OSX and Linux)
> 
> "We believe that the Skype interception module is implemented
> tampering the circular sound buffer from Windows' DirectSound
> interface."
> ------
> source:
> http://www.infosecisland.com/blogview/22202-FinFisher-The-Cyber-Espionage-Tool-Found-Everywhere.html
> 
> FC
> 
> -- 
> During times of Universal Deceit, telling the truth becomes a revolutionary act
> Durante épocas de Engaño Universal, decir la verdad se convierte en un
> Acto Revolucionario
> - George Orwell
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

More information about the Link mailing list