Company type | Private |
---|---|
Industry | Computer software Computer security Surveillance software |
Founded | 1990 |
Headquarters | Bologna, Emilia-Romagna, Italy |
Products | FinFisher |
Website | https://www.gammagroup.com |
Gamma Group is an Anglo-German technology company that sells surveillance software to governments and police forces around the world. The company has been strongly criticised by human rights organisations for selling its FinFisher software to undemocratic regimes such as Egypt and Bahrain.
Following the Arab Spring protests in 2011, activists from Bahrain identified suspicious emails which were identified as social engineering attempts to persuade them to launch applications containing malicious software. The emails were passed to analysts who identified malware which would give FinFisher access to the infected computers. [1]
The University of Toronto's CitizenLab conducted an investigation of Gamma which identified "33 likely government users of FinFisher in 32 countries, based on the presence of a FinFisher master at an IP address in a country or belonging to a specific government department." [2]
In 2014, Gamma Group was hacked by a hacker calling herself Phineas Fisher and a 40 Gigabyte dump of information was released detailing Gamma's 'client lists, price lists, source code, details about the effectiveness of FinFisher malware, user and support documentation, a list of classes/tutorials, and much more.' [3] Further details about Gamma's capabilities can be found in the Surveillance Industry Index. [4]
Despite this hack and the extent of negative publicity about Gamma's activities, FinFisher was reported to be gaining in popularity around the world with numerous governments. [5]
Adware, often called advertising-supported software by its developers, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. Some advertisements also act as spyware, collecting and reporting data about the user, to be sold or used for targeted advertising or user profiling. The software may implement advertisements in a variety of ways, including a static box display, a banner display, a full screen, a video, a pop-up ad or in some other form. All forms of advertising carry health, ethical, privacy and security risks for users.
Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.
In computing, a Trojan horse is any malware that misleads users of its true intent by disguising itself as a standard program. The term is derived from the ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.
Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the Internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all Internet traffic can be monitored.
This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.
Mobile malware is malicious software that targets mobile phones or wireless-enabled Personal digital assistants (PDA), by causing the collapse of the system and loss or leakage of confidential information. As wireless phones and PDA networks have become more and more common and have grown in complexity, it has become increasingly difficult to ensure their safety and security against electronic attacks in the form of viruses or other malware.
SpySheriff is malware that disguises itself as anti-spyware software. It attempts to mislead the user with false security alerts, threatening them into buying the program. Like other rogue antiviruses, after producing a list of false threats, it prompts the user to pay to remove them. The software is particularly difficult to remove, since it nests its components in System Restore folders, and also blocks some system management tools. However, SpySheriff can be removed by an experienced user, antivirus software, or by using a rescue disk.
The multinational Internet corporation Yahoo! has received criticism for a variety of issues.
Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.
Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors- individuals, competitors, rivals, groups, governments, and others- in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.
Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google on January 12, 2010, by a weblog post, the attacks began in mid-2009 and continued through December 2009.
FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.
HackingTeam was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically. The Italian government has restricted their licence to do business with countries outside Europe.
Morgan Marquis-Boire is a New Zealand-born hacker, journalist, and security researcher. Marquis-Boire previously served as an advisor to the Freedom of the Press Foundation. He was a Special Advisor to the Electronic Frontier Foundation (EFF) and advisor to the United Nations Interregional Crime and Justice Research Institute. He was the Director of Security at First Look Media and a contributing writer at The Intercept. He has been profiled by Wired, CNN, Süddeutsche Zeitung, and Tages Anzeiger. He was one of Wired Italy 's Top 50 people of 2014. In March 2015 he was named a Young Global Leader.
Detekt is a discontinued free tool by Amnesty International, Digitale Gesellschaft, EFF, and Privacy International to scan for surveillance software on Microsoft Windows.
Phineas Fisher is an unidentified hacktivist and self-proclaimed anarchist revolutionary. Notable hacks include the surveillance company Gamma International, Hacking Team, the Sindicat De Mossos d'Esquadra and the ruling Turkish Justice and Development Party three of which were later made searchable by WikiLeaks.
NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.
Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by Israeli defense ministry.
On October 30, 2019, WhatsApp's parent company Facebook, Inc. confirmed that Pegasus, a sophisticated snooping software developed by Israel's NSO Group, was used to target Indian journalists, activists, lawyers and senior government officials. The journalists and activists are believed to have been targets of surveillance for a two-week period until May, when the Indian national election was held.