Sad day for privacy today! Cybersecurity researchers have just found that one of the most powerful, infamous, and advanced pieces of government-grade commercial surveillance spyware named FinSpy (FinFish) is targeting users all over the world.
For those who don’t know, FinSpy is a powerful government class spyware created by German company Gamma International; can be used to target iOS, Android, and desktop users.
Over the time Gamma Group declared that FinSpy espionage tool is exclusively sold to government agencies across the world, but the real facts demonstrate otherwise because multiple non-government related targets have been spied with this tool.
If you are a FinSpy target, we sadly have to inform you that all of your personal information, such as SMS/MMS messages, phone call recordings, emails, contacts, pictures, files, and GPS location data from your iPhone are not private anymore. It is also capable of recording all of your VoIP calls that you made via external apps such as Skype, WeChat, Viber, LINE, as well as via secure messaging apps such as WhatsApp, Threema, Signal, and Telegram.
Except for the above-presented capabilities FinSpy includes keylogging functionality and has also been designed to cover up the tracks of its activities on a targeted device.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Experts say that as you read this lines a cyber-espionage campaign is undergoing at full power targeting iOS users with FinSpy all over the world.
FinSpy requires to have root privileges on a targeted device; because of iOS security the implant doesn’t work properly on iOS without jailbreaking, but experts say that nowadays jailbreak can be achieved remotely with a combination of multiple zero-day vulnerabilities.
While investigating this espionage campaign, researchers found that updated hacker-versions of the FinSpy are targeting 20 countries, and this is just the beginning.
Regarding this big cybersecurity problem, Gamma said that they are currently investigating the incident, without giving any more details
The problem here is that Gamma is continuously working on the updates for the FinSpy malware, so there is literally no protection you can add to keep your data safe, experts say.
The only thing you can do is to never store or send extremely sensitive information from your iOS or Android devices.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber-attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.