Bitcoin Forum
December 18, 2017, 09:20:23 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: FinFisher  (Read 465 times)
2dogs
Legendary
*
Offline Offline

Activity: 1258


Believe half of what u see & none of what u hear


View Profile
June 01, 2015, 11:17:26 AM
 #1

The other day I noticed "finfisher" in my download file.
Never downloaded this directly and wondered how it got there.
I had no idea what this was, looked it up and found it to be surveillance software.
Deleted it, but not sure if it is gone.

Does anyone know more about this spyware?

1513632023
Hero Member
*
Offline Offline

Posts: 1513632023

View Profile Personal Message (Offline)

Ignore
1513632023
Reply with quote  #2

1513632023
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
subSTRATA
Legendary
*
Offline Offline

Activity: 994


View Profile
June 01, 2015, 11:36:39 AM
 #2

The other day I noticed "finfisher" in my download file.
Never downloaded this directly and wondered how it got there.
I had no idea what this was, looked it up and found it to be surveillance software.
Deleted it, but not sure if it is gone.

Does anyone know more about this spyware?


finfisher is surveillance software licensed out to government agencies. If you were infected with it you sure as hell wouldn't find out that easy. for sure there would be no trace in your download folder. Maybe you downloaded that file by accident. What file type is it? I bet you accidentally downloaded a PDF from some news website talking about finfisher, I did that by accident with some NSA leak files.
2dogs
Legendary
*
Offline Offline

Activity: 1258


Believe half of what u see & none of what u hear


View Profile
June 01, 2015, 06:57:10 PM
 #3

Never heard of FinFisher until now.
I deleted the file (or so I thought), but ran another search and found this:

finfisher.torrent        8/10/2014  4:00PM  TORRENT File           3.401KB    uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent)


Could it have been downloaded with uTorrent, which I did download (but hardly ever used)?
Or was it some rouge alt coin program d/l?

I'm surprised SUPERAntiSpyware didn't detect this.

Lauda
Legendary
*
Offline Offline

Activity: 1694


GUNBOT Licenses -20% with ref. code 'GrumpyKitty'


View Profile WWW
June 01, 2015, 09:11:06 PM
 #4

Never heard of FinFisher until now.
I deleted the file (or so I thought), but ran another search and found this:

finfisher.torrent        8/10/2014  4:00PM  TORRENT File           3.401KB    uTorrent (C:\Users\2dogs\AppData\Roaming\uTorrent)


Could it have been downloaded with uTorrent, which I did download (but hardly ever used)?
Or was it some rouge alt coin program d/l?

I'm surprised SUPERAntiSpyware didn't detect this.
You might have accidentally downloaded it. The real and important question is what the extension of that file was. Was it .torrent, .exe, .zip or something else? I wasn't aware of Finfisher until recently either ,however you obviously have not done enough research as you find it surprising that your AV/AntiSpyware program didn't detect it.

FinFisher was designed solely to infiltrate and spy on systems and is only sold to governments. I believe that most of the information about it was revealed by Snowden.
You should take a look here: https://wikileaks.org/spyfiles4/documents.html and download the file: Anti-Virus-Results-FinSpy-PC-4.40.xlsx . Checking that file will show you that almost no software detects it.
More information can also be found here: https://wikileaks.org/spyfiles4/

This is actually quite interesting though as Wikileaks themselves have stated the following:
Quote
In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is "infected"). They are weaponised malware, so handle carefully.
I did not however want to risk anything until I set up an environment for testing.


          ▄▄█████▌▐█████▄▄
       ▄█████████▌    ▀▀▀███▄
     ▄███████████▌  ▄▄▄▄   ▀██▄
   ▄█████████████▌  ▀▄▄▀     ▀██▄
  ▐██████████████▌  ▄▄▄▄       ▀█▌
 ▐███████████████▌             ▀█▌
 ████████████████▌  ▀▀▀█         ██
▐████████████████▌  ▄▄▄▄         ██▌
▐████████████████▌  ▀  ▀         ██▌
 ████████████████▌  █▀▀█         ██
 ▐███████████████▌  ▀▀▀▀        ▄█▌
  ▐██████████████▌  ▀▀▀▀       ▄█▌
   ▀█████████████▌  ▀▀█▀     ▄██▀
     ▀███████████▌  ▀▀▀▀   ▄██▀
       ▀█████████▌    ▄▄▄███▀
          ▀▀█████▌▐█████▀▀
▬◉▬
▬◉▬
▬◉▬
▬◉▬
▬◉▬
▬◉▬
▬◉▬
▬◉▬
      ▄▄▄
 ▄▄█████████▄▄
  ▀▀▀▀▀▀▀▀▀▀▀
   █▌▐█ █▌▐█
   █▌▐█ █▌▐█
 ▄███████████▄
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄






▄█████████████▄
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
███████████████
██▀▀█▀▀████████
▀█████████████▀
2dogs
Legendary
*
Offline Offline

Activity: 1258


Believe half of what u see & none of what u hear


View Profile
June 01, 2015, 11:14:28 PM
 #5

The extension is finfisher.torrent.

I don't proclaim to know much about tech security - I come from finance but not afraid to ask questions and learn along the way, thanks.


So it appears some .gov might be interested enough in me, to infiltrate my PC?

I'm flattered, I guess. Cheesy


EDIT:
Just for the record, if FinFisher is running:

I LOVE U, NSA Cheesy

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!