FinFisher
Posted: August 20, 2012
Threat Metric
The fields shown on the Threat Meter, each of which contains a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 78 |
| First Seen: | August 20, 2012 |
| OS(es) Affected: | Windows |
FinFisher is a spyware program that's marketed to various governments as a form of legal surveillance to prevent computer-related crimes. While FinFisher is ostensibly a benign product that's only used for law enforcement purposes, some copies of FinFisher have been compromised and used to steal valuable information, while other copies of FinFisher have been known to be used in dictatorships and other questionable regimes – most famously, during the rule of Egypt's Hosni Mubarak. iTunes users were very much at risk for earlier distributions of FinFisher, which exploited vulnerabilities in the iTunes installation routine to install itself. Although this vulnerability has been patched, the Gamma International Company is still selling FinFisher, and it can be assumed that other installation methods have been found.
FinFisher – the Government-Sponsored Spy with Nothing to Lose
FinFisher is installed without your permission through a variety of deceptive means. Past versions of FinFisher used an iTunes vulnerability that took Apple three years to fix – with neither explanations nor apologies from Apple forthcoming for this security lapse. As a law enforcement-tuned form of spyware, FinFisher is a highly sophisticated PC threat that can evade many brands of anti-malware scanners, break through data encryption (such as codes used to protect bank accounts and passwords), monitor various forms of communications (instant messengers, webcams, microphones, etc.) and use keylogging attacks to record typed information.
Malware analysts have also found instances of FinFisher being installed on publicly-available PCs such as the systems of Korea's ever-popular Internet cafes. Like any good spyware Trojan, FinFisher doesn't show symptoms of its many attacks, even though FinFisher allows network-based compromises of your PC's security and privacy as soon as FinFisher is installed.
FinFisher is also notable for its particular focus on Skype communication software and can monitor Skype-based calls, file transfers, normal text chats, video and even contact lists.
Keeping Out of the Way of the FinFisher Net
FinFisher's company, Gamma International, does monitor its users and shuts down illegal uses of FinFisher. However, these safeguards aren't guaranteed to work fast enough to prevent personal information from being stolen through unauthorized usage of FinFisher. Moreover, not all strictly-legal uses of FinFisher have been considered particularly benevolent, since FinFisher is also sold to totalitarian dictatorships and other governments of questionable standing, in addition to relatively trustworthy first world governments.
Despite its penchant for avoiding common detection methods, FinFisher should be removable by high-quality anti-malware programs. Nongovernment activist organizations that are dedicated to PC security and government surveillance issues, such as Wikileaks, can be considered good sources for new infection vectors by FinFisher and other forms of government-sponsored spyware. SpywareRemove.com malware analysts also suggest avoiding public PCs, such as library terminals, while you're conducting any form of confidential activities.
I have a level 6, detection count of 244. I frequent anti-establishment sites like Wikileaks. How do I remove this? When I go into RT, for instance, the page refreshes 2 or 3 times, which is suspicious. Norton antivirus doesn't pick anything up. I am a 70-year-old woman and not too savvy with electronics, so help with this would be necessary in order for me to accomplish this.