Tråd bedømmelse:
  • 0 Stemmer - 0 Gennemsnit
  • 1
  • 2
  • 3
  • 4
  • 5
FinFisher Leak
08-08-2014, 13:20 (Denne besked var sidst ændret: 08-08-2014, 15:22 af MalcolmXI.)
#1
FinFisher Leak
Til de folk der måske ikke har set det endnu.
En Reddit bruger har hacket sig frem til 40GB af data fra Gamma International:

Citer:Basically it's a European company that sells computer hacking and spying software to governments and police agencies. Two years ago their software was found being widely used by governments in the middle east, especially Bahrain, to hack and spy on the computers and phones of journalists and dissidents. Gamma Group (the company that makes FinFisher) denied having anything to do with it, saying they only sell their hacking tools to 'good' governments, and those authoritarian regimes most have stolen a copy.
And that's the end of the story until a couple days ago when I hacked in and made off with 40GB of data from Gamma's networks. I have hard proof they knew they were selling (and still are) to people using their software to attack Bahraini activists, along with a whole lot of other stuff in that 40GB
Here's a torrent of all the data. Please download and seed. Here's a twitter feed where I'm posting some of the interesting stuff I find in there, starting off slow to build up rather than just publish all the worst shit at once.
I assumed the hacking would be the hard part and once I got the data it would just kinda go viral on it's own or something. But it turn's out without any media access or idea how that shit works, getting people to notice or care is actually kind of hard. Please share and seed the torrent!
http://www.reddit.com/r/Anarchism/commen...al_leaked/

De 40GB er så nu spredt via torrent:
Kode:
magnet:?xt=urn:btih:4e8564f0edcb3875ad2dbb9658ca3d615cc6c152&dn=finfisher&tr=http://bt.careland.com.cn:6969/announce&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.openbittorrent.com/announce

FinFisher fra Wikipedia:
Citer:FinFisher, also known as FinSpy,[1] is surveillance software marketed by Lench IT solutions PLC with a UK-based branch Gamma International Ltd in Andover, England, and a Germany-based branch Gamma International GmbH in Munich,[2][3] which markets the spyware through law enforcement channels.[1] Gamma International is a subsidiary of the Gamma Group, specializing in surveillance and monitoring, including equipment, software, and training services,[2] reportedly owned by William Louthean Nelson through a shell corporation in the British Virgin Islands.[4]

FinFisher can be covertly installed on targets' computers by exploiting security lapses in the update procedures of non-suspect software.[5][6][7] The company has been criticized by human rights organizations for selling these capabilities to repressive or non-democratic states known for monitoring and imprisoning political dissidents.[8] Egyptian dissidents who ransacked the offices of Egypt's secret police following the overthrow of Egyptian President Hosni Mubarak reported they discovered a contract with Gamma International for €287,000 for a license to run the FinFisher software.[9]

On August 6th, 2014, FinFisher source code, pricing, support history, and other related data were retrieved from the Gamma International internal network and made available on the Internet.[10]
http://en.wikipedia.org/wiki/FinFisher

Her er nogle ældre, dog stadig spændende dokumenter fra Wikileaks:
https://wikileaks.org/spyfiles/list/comp...gamma.html

Og FinFly Web er røget på Github:
https://github.com/FinFisher/FinFly-Web

Skal nok blive spændende at se, om der er nogle der er i stand til at dekryptere og reverse de mest brugbare filer.

Har taget et hurtigt kig på deres Android App, og enten er filen ikke opsat, ellers også tjekker de om man kører på emulator (Tror mest på den sidste).

Ser også ud til, at de har obfuskeret forskellige klasser, samt brugt en bug (med vilje eller ej) der gør at man ikke kan rekompilere. Har set denne bug en del gange og aldrig kommet af med den. Men kan jo være jeg bare ikke har kompetencerne til det. Håber da på at få et lidt dybere indblik i hvordan det virker.

Der er også et par nice funktioner og scripts man kan bruge til sit Exploit Kit, hvis det er noget man piller ved.

Time will tell. Der er meget at kigge igennem.
Find alle beskeder fra denne bruger
Citer denne besked i et svar
« Ældre | Nyere »




User(s) browsing this thread: 1 Gæst(er)