Software created by the controversial UK-based Gamma Group International was used to spy on computers that appear to be located in the United States, the UK, Germany, Russia, Iran, and Bahrain, according to a leaked trove of documents analyzed by ProPublica.
It's not clear whether the surveillance was conducted by governments or private entities. Customer e-mail addresses in the collection appeared to belong to a German surveillance company, an independent consultant in Dubai, the Bosnian and Hungarian Intelligence services, a Dutch law enforcement officer, and the Qatari government.
The leaked files—which were posted online by hackers—are the latest in a series of revelations about how state actors including repressive regimes have used Gamma's software to spy on dissidents, journalists, and activist groups.
The documents, leaked last Saturday, could not be readily verified, but experts told ProPublica they believed them to be genuine. "I think it's highly unlikely that it's a fake," said Morgan Marquis-Bore, a security researcher who while at The Citizen Lab at the University of Toronto had analyzed Gamma Group's software and who authored an article about the leak on Thursday.
The documents confirm many details that have already been reported about Gamma, such as that its tools were used to spy on Bahraini activists. Some documents in the trove contain metadata tied to e-mail addresses of several Gamma employees. Bill Marczak, another Gamma Group expert at the Citizen Lab, said that several dates in the documents correspond to publicly known events—such as the day that a particular Bahraini activist was hacked.
The leaked files contain more than 40 gigabytes of confidential technical material, including software code, internal memos, strategy reports, and user guides on how to use Gamma Group software suite called FinFisher. FinFisher enables customers to monitor secure Web traffic, Skype calls, webcams, and personal files. It is installed as malware on targets' computers and cell phones.
A price list included in the trove lists a license of the software at almost $4 million.
Exploits include techniques called "zero days" for "popular software like Microsoft Office, Internet Explorer, Adobe Acrobat Reader, and many more." Zero days are exploits that have not yet been detected by the software maker and therefore are not blocked.
- ...2 more annotations...
In one document, engineers at Gamma tested a product called FinSpy, which inserts malware onto a user's machine, and found that it could not be blocked by most antivirus software.
Documents also reveal that Gamma had been working to bypass encryption tools including a mobile phone encryption app, Silent Circle, and were able to bypass the protection given by hard-drive encryption products TrueCrypt and Microsoft's Bitlocker.
The documents also describe a "country-wide" surveillance product called FinFly ISP which promises customers the ability to intercept Internet traffic and masquerade as ordinary websites in order to install malware on a target's computer.
The most recent date-stamp found in the documents is August 2, coincidung with the first tweet by a parody Twitter account, @GammaGroupPR, which first announced the hack and may be run by the hacker or hackers responsible for the leak.
On Reddit, a user called PhineasFisher claimed responsibility for the leak. "Two years ago their software was found being widely used by governments in the middle east, especially Bahrain, to hack and spy on the computers and phones of journalists and dissidents," the user wrote. The name on the @GammaGroupPR Twitter account is also "Phineas Fisher."
GammaGroup, the surveillance company whose documents were released, is no stranger to the spotlight. The security firm F-Secure first reported the purchase of FinFisher software by the Egyptian State Security agency in 2011. In 2012, Bloomberg News and The Citizen Lab showed how the company's malware was used to target activists in Bahrain.
In 2013, the software company Mozilla sent a cease-and-desist letter to the company after a report by The Citizen Lab showed that a spyware-infected version of the Firefox browser manufactured by Gamma was being used to spy on Malaysian activists.
shared by Gary Edwards on 15 Apr 11 - No Cached
Yesterday, Microsoft announced the release of Version 1.0 technical documentation for Microsoft Office 2007, SharePoint 2007 and Exchange 2007 as an effort to drive greater interoperability and foster a stronger open relationship with their developer and partner communities. They also posted over 5000 pages of technical documentation on Microsoft Office Word, Excel and PowerPoint binary file formats on the MSDN site royalty-free basis under Microsoft’s Open Specification Promise (OSP).
shared by Gary Edwards on 24 Feb 11 - No Cached
shared by Gary Edwards on 15 Apr 10 - No Cached
shared by Gary Edwards on 14 Apr 10 - Cached
shared by Gary Edwards on 17 Oct 09 - Cached
shared by Gary Edwards on 08 Oct 09 - Cached
Rechal Morin liked it
it was clear customers wanted a more integrated and comprehensive solution from us. As just one example, they told us like they liked the WYSWIG HTML editing of SharePoint Team Services and the Web Part declarative and reusable editing of SharePoint Portal but wanted to use both models on the same site?
On the application side, we were hearing customers wanted Office to go beyond personal productivity to organizational productivity and we had to decide whether Microsoft would invest in content management, portals, unified communications, business intelligence and many other new scenarios.
we made sure SharePoint was an open platform and worked with vendors across the industry on a variety of integration approaches including published APIs and protocols.
- ...1 more annotation...
to enable customers to build business process integration and business intelligence portals, we added Excel Services and InfoPath Forms Services. Besides being exciting features, we gained invaluable learning for the team how to have an architecture that worked in the rich Office client and on the server with web access with high fidelity, round tripping, etc.
shared by Gary Edwards on 12 Aug 09 - Cached
shared by Gary Edwards on 13 Jul 09 - Cached