FinFisher is an interesting product. Much of what it offers has been available in open source projects[1][2] for quite a while. I imagine it's probably the management overhead and GUI-based interface that they sell it on.
Evilgrade (link below) is particularly interesting and handles the fake update part of the infection. Typically you'd use something like a Metasploit (or equivalent) payload to install.
After the downfall of Egyptian dictator Hosni Mubarak, the BBC obtained evidence that Gamma had offered its technology to the country’s regime for surveilling Egyptians’ use of tools like Hotmail, Yahoo! mail, Gmail and Skype.
Note to self:
Do not ever work for Gamma.
Remember "Gamma" if you meet someone who worked for them.
I work with Gamma as a UK telephone operator. The division of Gamma that was involved with this was Gamma International, whereas Gamma for UK is pretty much a separate company. One of those things where the right hand does not know what the left hand is doing.
Looking at their website, they don't seem linked in any way :/ https://www.gammagroup.com/Default.aspx Maybe they are not part of each other but just share a name.
Has anyone seen an exploit that allows an attacker to view your camera, without turning on the green indicator light? This is the kind of stuff my nightmares are made of.
[1] - http://www.infobyte.com.ar/developments.html
[2] - http://www.metasploit.com/