Mozilla sends cease-and-desist to Gamma for Firefox surveillance

Posted May 1, 2013 by Milton Este
Firefox, one of the most popular Web browsers, was recently found to serve as a medium for Gamma Group, a surveillance company of FinFisher, to spy on users using Firefox's brand and trademark to avoid detection.
The Mozilla offices
The Mozilla offices
A recent report by the University of Toronto Citizen Lab unveiled Gamma Group, a surveillance company, distributed a surveillance software by tricking people into thinking they were actually using Mozilla's Firefox web browser.
University of Toronto's Citizen Lab reports the following significant findings:
We have identified FinFisher Command & Control servers in 11 new Countries. Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria, Austria.
Taken together with our previous research, we can now assert that FinFisher Command & Control servers are currently active, or have been present, in 36 countries.
We have also identified a FinSpy sample that appears to be specifically targeting Malay language speakers, masquerading as a document discussing Malaysia’s upcoming 2013 General Elections.
We identify instances where FinSpy makes use of Mozilla’s Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest. This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists.
Gamma Group
, a division of FinFisher IT Intrusion, used Firefox as their medium for installing FinSpy surveillance software. By disguising it as Firefox, it reduced the likeliness for this software to be deleted by innocent web surfers.
This software is capable of recording and accessing key-strokes, activate webcams, and even record Skype calls. However, the list does not end here and does continue to suit Gamma's purposes.
As many may have learned through a recent blog post by Mozilla, they have issued a cease and desist notice to Gamma. As their blog states, Firefox is a free open-source software used and supported by millions and thus important to ensure its integrity is protected. They also assure this does not affect Firefox directly, neither during installation nor usage. Instead, user's should be aware of Gamma trying to use Firefox's brand and trademark to avoid detection of the true FinSpy software.
The comparison between the software licensing and information can be found on PCPro outlining the similarities between the real Firefox web browser and FinSpy.