In association with heise online

01 May 2013, 11:01

Mozilla sends cease and desist to spyware maker


Mozilla has confirmed that it has sent a cease and desist letter to Gamma International, makers of the FinFisher spyware. A report by the University of Toronto Citizen Lab on the global spread of Gamma's FinFisher spyware revealed that the FinSpy component deployed on victims' systems masquerades as Mozilla Firefox. Binaries report themselves as "Firefox.exe" and carry properties that are associated with Firefox, including version numbers and copyright and trademark claims that refer to "Firefox and Mozilla developers". Mozilla also notes that an expert user examining the code of Gamma's spyware would find a verbatim copy of the assembly manifest from Firefox software.

Gamma's use of the "brand and trademarks to lie and mislead" does not affect Firefox itself; the use of the Firefox branding and properties is "entirely separate" from the Firefox code and is just one of the methods that FinFisher uses to avoid detection. Mozilla's Alex Fowler, who leads on privacy and public policy for the organisation, says that this deception is specifically trading on Mozilla's reputation of being trustworthy – in 2012, for example, Mozilla was named "Most Trusted Internet Company for Privacy" in a Ponemon Institute study.

This is in sharp contrast to where Gamma's FinFisher has been used. According to Citizen Lab, the software has turned up in spyware attacks on pro-democracy activists in Bahrain and has apparently been deployed in Malaysia where a General Election is taking place. The organisation "Reporters without Borders" listed Gamma as one of five "Corporate Enemies of the Internet" in its recent surveillance report.

With that in mind, Mozilla says it has sent the cease and desist letter to Gamma. "Not only are these activities illegal, but we take them seriously because they are deceptive, harm users, cause consumer confusion, and jeopardize Mozilla’s reputation," says Fowler. Mozilla did not publish the content of the letter. It is currently unclear how Mozilla plans to proceed legally if Gamma does not cease and desist, and there are few legal precedents which would inform how a case would progress from that point.


