Gamma International Hacked and 40GB Data Leaked
Bohs Hansen / 5 years ago
Gamma International, the company behind FinFisher, got hacked and 40 GB of their data leaked onto torrent sites. The data is already being widely redistributed with more and more offering up their seed-boxes to help it.
Gamme International is the European company that sells computer hacking and spying software to governments and police agencies around the world. Two years ago their software was found being widely used by governments in the middle east, especially Bahrain, to hack and spy on the computers and smart devices of lawyers, journalists and dissidents.
“FinFisher can be covertly installed on targets’ computers by exploiting security lapses in the update procedures of non-suspect software. The company has been criticized by human rights organizations for selling these capabilities to repressive or non-democratic states known for monitoring and imprisoning political dissidents. Egyptian dissidents who ransacked the offices of Egypt’s secret police following the overthrow of Egyptian President Hosni Mubarak reported they discovered a contract with Gamma International for €287,000 for a license to run the FinFisher software”
Back then, Gamma denied having anything to do with it, saying they only sell their hacking tools to ‘good’ governments, and those authoritarian regimes most have stolen a copy. Since that sounded like a reasonable assumption, the story was closed and we didn’t hear any more about it. That is until a couple of days ago when a hacker, going by the name of ‘PhineasFisher’ on reddit, announced he had hacked and uploaded 40 GB of internal data from Gamma Group.
There is A LOT of data, and I won’t bore our readers with to many details here. Short story, now there is hard proof that they knew they were selling, and still are, to people using their software to attack activist and suppress the general population.
PhineasFisher has also set up a twitter account as @GammaGroupPR. The hacker is periodically posting some of the findings from the hack on to there. The twitter profile is set up as a “public page” page for Gamma Group, trying to get the word out. As serious as this is, some of his tweets have a humorous note.
FinFisher isn’t your ordinary hobby build exploit tool, we’re talking NSA grade spying here. It masquerades as legitimate programs such as Firefox and there are versions not only for computers but also for all major brands of phones. For a while, they used a long-time unfixed bug in iTunes to spread their infection.
Please let us know what you think about this. Is it okay to leak information like this to the public without going through everything first? Or is good that it got out and redistributed to as many people as possible as fast as possible? Use our comment system, forums or social media pages to tell us your thoughts.
Thank you PhineasFisher on reddit for providing us with this information.
Image courtesy of PhineasFisher on twitter.