Author

Topic: FinFisher (Read 586 times)

legendary
Activity: 1267
Merit: 1000
June 01, 2015, 06:14:28 PM
#5
The extension is finfisher.torrent.

I don't proclaim to know much about tech security - I come from finance but not afraid to ask questions and learn along the way, thanks.


So it appears some .gov might be interested enough in me, to infiltrate my PC?

I'm flattered, I guess. Cheesy


EDIT:
Just for the record, if FinFisher is running:

I LOVE U, NSA Cheesy
legendary
Activity: 2674
Merit: 3000
Terminated.
June 01, 2015, 04:11:06 PM
#4
Never heard of FinFisher until now.
I deleted the file (or so I thought), but ran another search and found this:

finfisher.torrent        8/10/2014  4:00PM  TORRENT File           3.401KB    uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent)


Could it have been downloaded with uTorrent, which I did download (but hardly ever used)?
Or was it some rouge alt coin program d/l?

I'm surprised SUPERAntiSpyware didn't detect this.
You might have accidentally downloaded it. The real and important question is what the extension of that file was. Was it .torrent, .exe, .zip or something else? I wasn't aware of Finfisher until recently either ,however you obviously have not done enough research as you find it surprising that your AV/AntiSpyware program didn't detect it.

FinFisher was designed solely to infiltrate and spy on systems and is only sold to governments. I believe that most of the information about it was revealed by Snowden.
You should take a look here: https://wikileaks.org/spyfiles4/documents.html and download the file: Anti-Virus-Results-FinSpy-PC-4.40.xlsx . Checking that file will show you that almost no software detects it.
More information can also be found here: https://wikileaks.org/spyfiles4/

This is actually quite interesting though as Wikileaks themselves have stated the following:
Quote
In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is "infected"). They are weaponised malware, so handle carefully.
I did not however want to risk anything until I set up an environment for testing.
legendary
Activity: 1267
Merit: 1000
June 01, 2015, 01:57:10 PM
#3
Never heard of FinFisher until now.
I deleted the file (or so I thought), but ran another search and found this:

finfisher.torrent        8/10/2014  4:00PM  TORRENT File           3.401KB    uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent)


Could it have been downloaded with uTorrent, which I did download (but hardly ever used)?
Or was it some rouge alt coin program d/l?

I'm surprised SUPERAntiSpyware didn't detect this.
legendary
Activity: 1288
Merit: 1043
:^)
June 01, 2015, 06:36:39 AM
#2
The other day I noticed "finfisher" in my download file.
Never downloaded this directly and wondered how it got there.
I had no idea what this was, looked it up and found it to be surveillance software.
Deleted it, but not sure if it is gone.

Does anyone know more about this spyware?


finfisher is surveillance software licensed out to government agencies. If you were infected with it you sure as hell wouldn't find out that easy. for sure there would be no trace in your download folder. Maybe you downloaded that file by accident. What file type is it? I bet you accidentally downloaded a PDF from some news website talking about finfisher, I did that by accident with some NSA leak files.
legendary
Activity: 1267
Merit: 1000
June 01, 2015, 06:17:26 AM
#1
The other day I noticed "finfisher" in my download file.
Never downloaded this directly and wondered how it got there.
I had no idea what this was, looked it up and found it to be surveillance software.
Deleted it, but not sure if it is gone.

Does anyone know more about this spyware?
Jump to: