May 1, 2013
Mozilla Claims Spyware Company Hijacked Firefox
Peter Suciu for redOrbit.com — Your Universe Online
On Wednesday the Mozilla Foundation sent a cease-and-desist letter to British-based Gamma International Ltd., claiming that the latter was passing off its FinFisher spy software as a Firefox product. Mozilla is the maker of the open source-based browser, and called Gamma International’s tactic abusive.
“We are sending Gamma, the FinFisher parent company, a cease and desist letter demanding that these practices be stopped immediately,” Mozilla executive Alex Fowler said in an emailed statement, picked up by the Washington Post.
This comes as researchers have reportedly found samples of Gamma’s FinFisher spy software disguised as a Firefox file, apparently as a way to fool computer users into believing the spyware was in fact harmless. Gamma provides its surveillance software to governments and law enforcement. It markets its software as “remote monitoring” programs that government agencies can use to take control of computers to “snoop” on data and communication.
According to Citizen Lab, which released a summary of its latest findings, FinSpy makes use of Mozilla’s trademark and code. Citizen Lab identified FinFisher Command & Control servers in 11 new countries, including Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria and Austria.
Citizen Lab consists of researchers from the University of Toronto’s Munk School of Global Affairs.
“We identify instances where FinSpy makes use of Mozilla’s Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest. This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists,” wrote researchers Morgan Marquis-Boire, Bill Marczak, Claudio Guarnieri and John Scott-Railton.
The FinFisher commercial network intrusion malware was used in the targeting of activists in Bahrain. More ominously, the software “appears to be specifically targeting Malay language speakers, masquerading as a document discussing Malaysia’s upcoming 2013 General Elections,” the researchers added.
This still falls short of providing evidence that FinFisher was in fact being used by one government or another, but does show the global reach of such software.
“It really shows the ubiquity of this type of software,” Citizen Lab’s Morgan Marquis-Boire told the Washington Post on Wednesday.
“It’s important to note that the spyware is not connected with any Mozilla product, including Firefox, in how it is installed or operates on a person’s computer or mobile device. Only our brand and trademarks are used by the spyware as a method to avoid detection and deletion,” said Mozilla in a statement, as cited by Wired.
Mozilla launched Firefox as an open source browser in 2002 as an alternative to Microsoft’s then-dominant Internet Explorer. The name reportedly came from a nickname for a red panda, but that didn’t inspire the right image for the browser’s logo. The irony in this is that Firefox was also the name of a 1982 spy thriller starring Clint Eastwood, where he steals an advanced Soviet aircraft named “Firefox.”
This is also not the first time Gamma International has found itself in the spotlight. This past March the company was reportedly identified as one of five ‘corporate enemies of the Internet’ by journalists’ lobbying group Reporters Without Borders. Last month the rights group Privacy International also sued the British government, alleging that Gamma had illegally exported its surveillance technology.
Gamma International denied the accusations.