Spectator on facebook

Spectator on facebook

Eset finds internet providers may be involved in latest FinFisher surveillance campaigns

The Slovak security software company responds to threats leaked from security agencies in its latest solutions for households

(Source: Sme)

Researchers from the cyber security software company Eset have detected surveillance campaigns utilising a new variant of FinFisher, the infamous spyware also known as FinSpy. Seven countries are affected and in two of them, major internet providers have most likely been involved in infecting the targets of surveillance. Eset did not specify who in order to avoid putting anyone in danger.

“In two of the campaigns, the spyware has been spread via a man-in-the-middle attack and we believe that major internet providers have played the role of the man in the middle,” explained Filip Kafka, the Eset malware analyst who conducted the research, as cited in the company’s press release.

FinFisher is spyware marketed as a law enforcement tool and sold to governmental agencies around the world. It is also believed to have been used by oppressive regimes.

Read also: Read also:People may lose money in fake competitions on Facebook

FinFisher spyware has extensive spy capabilities, such as live surveillance through webcams and microphones, keylogging, and exfiltration of files. It has received a number of improvements in its latest version, aimed at improving its spy capabilities, staying under the radar and preventing analysis. The most important innovation, however, is the way in which the surveillance tool is delivered to targeted computers.

When a targeted user is about to download one of several popular applications such as WhatsApp, Skype or VLC Player, they are redirected to the attacker’s server. There, they are served a trojanised installation package infected with FinFisher.

“During the course of our investigations, we found a number of indicators that suggest the redirection is happening at the level of a major internet provider’s service,” said Kafka.

These campaigns are the first where the probable involvement of a major internet provider in spreading malware has been publicly disclosed, said Kafka as cited in the press release.

“These FinFisher campaigns are sophisticated and stealthy surveillance projects, unprecedented in their combination of methods and reach,” noted Kafka.

Eset responds to threats leaked from security agencies

Eset launched the latest version of its flagship security solutions for households in the middle of September. Their new layer of protection, control of UEFI (Unified Extensible Firmware Interface), is active even before the operating system Windows is launched and is searching for threats in the Unified Extensible Firmware Interface. This is because hackers are able to create a malicious code that can be launched via UEFI even before the common security solutions and the operating system are launched.

“Eset is the first security software company that provides protection of UEFI to their home users,” said Matej Krištofík, product manager at Eset.

Read also: Read also:WannaCry had little impact in Slovakia

Other improved functions include monitoring of domestic networks, providing an overview of devices connected to the user’s network and enhanced protection from ransomware. The latter works on the basis of behavioural monitoring. This means that it monitors the behaviour of apps or processes attempting to change data in the computer.

The processing of personal data is subject to our Privacy Policy and the Cookie Policy. Before submitting your e-mail address, please make sure to acquaint yourself with these documents.

Top stories

NAKA detains businessman Kočner

The shady businessman featured in several scandals was detained June 20 in connection to questionable promissory notes and tax-related crimes.

Marián Kočner

Last Week in Slovakia: Farmers staged a protest by driving across the country Audio

Listen to all the headlines from The Slovak Spectator's news podcast.

Farmers also met President Andrej Kiska in Bratislava

Report: Slovak-made arms could end up in terrorist hands

A report published at GLOBSEC points out that arms coming form Slovakia were used in Charlie Hebdo and Munich mall attacks.

Illegal arms keep surfacing in Slovakia as well. Illustrative stock photo

What are the biggest challenges of Slovak journalism?

Trust in the media slightly increased following the murder of journalist but it may not last.