Spectator on facebook

Spectator on facebook

Eset finds internet providers may be involved in latest FinFisher surveillance campaigns

The Slovak security software company responds to threats leaked from security agencies in its latest solutions for households

(Source: Sme)

Researchers from the cyber security software company Eset have detected surveillance campaigns utilising a new variant of FinFisher, the infamous spyware also known as FinSpy. Seven countries are affected and in two of them, major internet providers have most likely been involved in infecting the targets of surveillance. Eset did not specify who in order to avoid putting anyone in danger.

“In two of the campaigns, the spyware has been spread via a man-in-the-middle attack and we believe that major internet providers have played the role of the man in the middle,” explained Filip Kafka, the Eset malware analyst who conducted the research, as cited in the company’s press release.

FinFisher is spyware marketed as a law enforcement tool and sold to governmental agencies around the world. It is also believed to have been used by oppressive regimes.

Read also: Read also:People may lose money in fake competitions on Facebook

FinFisher spyware has extensive spy capabilities, such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. It has received a number of improvements in its latest version, aimed at improving its spy capabilities, staying under the radar and preventing analysis. The most important innovation, however, is the way in which the surveillance tool is delivered to targeted computers.

When a targeted user is about to download one of several popular applications such as WhatsApp, Skype or VLC Player, they are redirected to the attacker’s server. There, they are served a trojanised installation package infected with FinFisher.

“During the course of our investigations, we found a number of indicators that suggest the redirection is happening at the level of a major internet provider’s service,” said Kafka.

These campaigns are the first where the probable involvement of a major internet provider in spreading malware has been publicly disclosed, said Kafka as cited in the press release.

“These FinFisher campaigns are sophisticated and stealthy surveillance projects, unprecedented in their combination of methods and reach,” noted Kafka.

Eset responds to threats leaked from security agencies

Eset launched the latest version of its flagship security solutions for households in the middle of September. Their new layer of protection, control of UEFI (Unified Extensible Firmware Interface), is active even before the operating system Windows is launched and is searching for threats in the Unified Extensible Firmware Interface. This is because hackers are able to create a malicious code that can be launched via UEFI even before the common security solutions and the operating system are launched.

“Eset is the first security software company that provides protection of UEFI to their home users,” said Matej Krištofík, product manager at Eset.

Read also: Read also:WannaCry had little impact in Slovakia

Other improved functions include monitoring of domestic networks, providing an overview of devices connected to the user’s network and enhanced protection from ransomware. The latter works on the basis of behavioural monitoring. This means that it monitors the behaviour of apps or processes attempting to change data in the computer.

Top stories

Austrian natural gas station close to Slovak border exploded Video

The incident, which claimed one fatality and at least 18 injuries, also created an emergency in a Slovak village close to the Austrian border.

The explosion of Austrian natural gas station in Baumgarten, December 12.

Austrian natural gas station close to Slovak border exploded Video

The incident, which claimed one fatality and at least 18 injuries, also created an emergency in a Slovak village close to the Austrian border.

The explosion of Austrian natural gas station in Baumgarten, December 12.

Austrian natural gas station close to Slovak border exploded Video

The incident, which claimed one fatality and at least 18 injuries, also created an emergency in a Slovak village close to the Austrian border.

The explosion of Austrian natural gas station in Baumgarten, December 12.

Blog: Environmental sustainability is the future for sustainability in business

A great example of how you can make a difference by sharing your passion with others: Ivana Maleš, co-founder of the Institute for Circular Economy, describes her journey to a sustainability consultant.

Illustrative stock photo