New York Times
(08/31/12) Nicole Perlroth
Sophisticated, commercially available spyware originally designed to aid in criminal investigations is being used by repressive regimes to track political dissidents, according to evidence turned up by Google engineer Morgan Marquis-Boire and computer science Ph.D. student Bill Marczak. The software, FinSpy, can capture computer screen images, record chats on Skype, log keystrokes, and avoid detection by popular antivirus programs. Research has tied FinSpy to servers in more than 12 countries, although no government has admitted to using the software for the purpose of surveillance. FinSpy's maker, U.K.-based Gamma Group, says it sells monitoring software to governments for criminal surveillance only, but the Electronic Frontier Foundation's Eva Galperin notes monitoring dissidents is a typical application of the spyware in countries "where the rule of law is not so strong." Marquis-Boire and Marczak's analysis of suspicious emails sent to Bahraini activists uncovered spyware in the emails that reported back to the same Bahrain-based command-and-control server, and the apparent use of the software for activist surveillance suggested broader utilization. FinSpy was found to be operating in 10 other countries, and Marquis-Boise says in one instance the software was running on a Turkmenistan server.