hoodlum
MuscleHead
- Jan 3, 2012
- 903
- 172
Alright guys so I'm not going to go in to too much effort here in the first post if people aren't interested but I think its important people here know their enemy. We all know that in this day and age the police spy on their targets, monitor their internet traffic and things along those lines but there is quiet a bit of proof showing that they take things much much further than that. If you think they just watch what you view/send then your behind the game by about 10 years. The NSW Police were identified as a Gamma Group customer and have been deploying spyware on targets. Wikileaks (https://wikileaks.org/spyfiles4/index.html) says that it "is a German company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices" and they are accurate. You can even find a copy of the actual spyware used (https://wikileaks.org/spyfiles4/binaries/finfisher.1.zip & https://wikileaks.org/spyfiles4/binaries/finfisher.2.zip Password: infected) and they are active malware so if you want to sandbox it and take a look at how it works you can. Wikileaks Spy Files are going to be very interesting...
You can view the FinFisher product list/brochure at: https://www.dropbox.com/s/bn932yvoqdh6aju/FF_SolutionBroschüre_RZ_web.pdf
On the brochure you will see their products are specifically aimed at users like us "A target was identified within a discussion board but no direct or e-mail contact was possible.
The agency created a web server containing an Internet Explorer 0-day exploit, which deployed
the solution on the target system after he opened the URL that was sent to him through a private
message in the discussion board."
If you are more worried about the FinSpy Mobile you can find the product details here https://t.co/TQO9mdYVq5
This is EXACTLY what our government is using to spy on us. They're taking it a step further than just intercepting traffic. Know your enemy. Don't think you aren't important enough for you to be a target, its been detected on human rights activists systems.
There was a breakdown by Rapid7 (the group behind Metasploit) back in 2012 and they identified the Australian server:
You can find their breakdown: https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher
Citizen Lab analysis: https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/
For anyone that doesn't understand this kind of stuff, its EXACTLY why sub par implementations of security DO NOT work. I'm always happy to have security discussions with people and help protect them.
You can view the FinFisher product list/brochure at: https://www.dropbox.com/s/bn932yvoqdh6aju/FF_SolutionBroschüre_RZ_web.pdf
On the brochure you will see their products are specifically aimed at users like us "A target was identified within a discussion board but no direct or e-mail contact was possible.
The agency created a web server containing an Internet Explorer 0-day exploit, which deployed
the solution on the target system after he opened the URL that was sent to him through a private
message in the discussion board."
If you are more worried about the FinSpy Mobile you can find the product details here https://t.co/TQO9mdYVq5
This is EXACTLY what our government is using to spy on us. They're taking it a step further than just intercepting traffic. Know your enemy. Don't think you aren't important enough for you to be a target, its been detected on human rights activists systems.
There was a breakdown by Rapid7 (the group behind Metasploit) back in 2012 and they identified the Australian server:
Australia - IP Address: 121.215.253.151 ASN: TELSTRA INTERNET Observed On: 13 Jul 2012
You can find their map (quiet outdated) https://maps.google.it/maps/ms?msid...6.015625&spn=151.231771,351.914063&dg=feature
You can find their map (quiet outdated) https://maps.google.it/maps/ms?msid...6.015625&spn=151.231771,351.914063&dg=feature
You can find their breakdown: https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher
Citizen Lab analysis: https://citizenlab.org/2012/07/from-bahrain-with-love-finfishers-spy-kit-exposed/
For anyone that doesn't understand this kind of stuff, its EXACTLY why sub par implementations of security DO NOT work. I'm always happy to have security discussions with people and help protect them.