by Larry Loeb
FinFisher is a suite of surveillance tools that has achieved notoriety for its use by repressive regimes and rogue states to spy on their citizens and civil rights organizations.
Security firm ESET has now found evidence for the first time that an ISP colluded with third parties to enable this surveillance software.
FinFisher features a wide range of capabilities for spying on users, including, among others, live surveillance through webcams and microphones, keylogging, and the exfiltration of files.
The first way that FinFisher infected victims was fairly typical of malware tricks and often exploited local browser vulnerabilities.
The arsenal included zero-day exploits, spear-phishing emails, drive-by downloads when users navigated to hacked sites, as well as directly installing the malware if physical access could be made to target's device.
Some of that still happens. Earlier this month, a spearphishing campaign targeting Russian users was launched which leveraged an Office 365 zero-day to distribute the malware.
Now ESET has found a