|
Title: FinFisher Post by: 2dogs on June 01, 2015, 11:17:26 AM The other day I noticed "finfisher" in my download file.
Never downloaded this directly and wondered how it got there. I had no idea what this was, looked it up and found it to be surveillance software. Deleted it, but not sure if it is gone. Does anyone know more about this spyware? Title: Re: Finisher Post by: subSTRATA on June 01, 2015, 11:36:39 AM The other day I noticed "finfisher" in my download file. Never downloaded this directly and wondered how it got there. I had no idea what this was, looked it up and found it to be surveillance software. Deleted it, but not sure if it is gone. Does anyone know more about this spyware? finfisher is surveillance software licensed out to government agencies. If you were infected with it you sure as hell wouldn't find out that easy. for sure there would be no trace in your download folder. Maybe you downloaded that file by accident. What file type is it? I bet you accidentally downloaded a PDF from some news website talking about finfisher, I did that by accident with some NSA leak files. Title: Re: FinFisher Post by: 2dogs on June 01, 2015, 06:57:10 PM Never heard of FinFisher until now.
I deleted the file (or so I thought), but ran another search and found this: finfisher.torrent 8/10/2014 4:00PM TORRENT File 3.401KB uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent) Could it have been downloaded with uTorrent, which I did download (but hardly ever used)? Or was it some rouge alt coin program d/l? I'm surprised SUPERAntiSpyware didn't detect this. Title: Re: FinFisher Post by: Lauda on June 01, 2015, 09:11:06 PM Never heard of FinFisher until now. You might have accidentally downloaded it. The real and important question is what the extension of that file was. Was it .torrent, .exe, .zip or something else? I wasn't aware of Finfisher until recently either ,however you obviously have not done enough research as you find it surprising that your AV/AntiSpyware program didn't detect it. I deleted the file (or so I thought), but ran another search and found this: finfisher.torrent 8/10/2014 4:00PM TORRENT File 3.401KB uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent) Could it have been downloaded with uTorrent, which I did download (but hardly ever used)? Or was it some rouge alt coin program d/l? I'm surprised SUPERAntiSpyware didn't detect this. FinFisher was designed solely to infiltrate and spy on systems and is only sold to governments. I believe that most of the information about it was revealed by Snowden. You should take a look here: https://wikileaks.org/spyfiles4/documents.html and download the file: Anti-Virus-Results-FinSpy-PC-4.40.xlsx . Checking that file will show you that almost no software detects it. More information can also be found here: https://wikileaks.org/spyfiles4/ This is actually quite interesting though as Wikileaks themselves have stated the following: Quote In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is "infected"). They are weaponised malware, so handle carefully. I did not however want to risk anything until I set up an environment for testing. Title: Re: FinFisher Post by: 2dogs on June 01, 2015, 11:14:28 PM The extension is finfisher.torrent.
I don't proclaim to know much about tech security - I come from finance but not afraid to ask questions and learn along the way, thanks. So it appears some .gov might be interested enough in me, to infiltrate my PC? I'm flattered, I guess. :D EDIT: Just for the record, if FinFisher is running: I LOVE U, NSA :D |