Troublesome Trojans: Firm Sought to Install Spyware Via Faked iTunes Updates - Der Spiegel
A surveillance firm claims it can distribute its spyware via faked iTunes updates. Apple appears to have moved to eliminate the security gap, but the debate over trojans used by governments, both democratic and otherwise, continues to boil.
It was as if a far-flung secret society had gathered in Berlin at the end of September. Military officials and representatives of security authorities from around the world met in a luxury hotel to discuss threats in the digital world: cyber attacks, electronic espionage and online organized crime. But the most pressing issue on the agenda was technology that can be used to combat these perils.
The event was called “Cyberwarfare Europe,” but many participants had traveled to the German capital from even further afield. The roster of participants in the event listed government employees and industry representatives from the United Arab Emirates, Malaysia and Indonesia. Each attendee had paid as much as €2,700 for the privilege of listening to lectures from IT experts and military officials — including one given by a legal expert for current operations at the United States Cyber Command.
In the hotel’s foyer, companies touted their myriad surveillance technologies. The stand that stood out most was decked out in blue and black and advertised a product called FinFisher. The business cards of the young men working the stand identified them as respresentatives of the firm Gamma International GmbH of Munich. The Gamma representatives, however, were only interested in sharing information about their service with potential customers. A banner hanging above them provided hints, however: something to do with “Governmental IT Intrusion” — in other words, electronic tools for digital break-ins that can be used by governments and their agencies. The managing director, from Munich, told SPIEGEL the company had no interest in any reporting on its products.
iTunes Used to Install Trojan?
In contrast to their Italian competitor Hacking Team, which was also in Berlin to solicit new customers, the Gamma team even took steps to ensure that journalists left the room when their managing director gave a presentation.
The wariness of the media, it would seem, is not without reason. The FinFisher software on offer, it appears from marketing materials obtained by SPIEGEL, may work in a similar manner to that used by the online criminals they are intended to combat. Indeed, a video promoting FinFisher indicates that the software
Apparently, at least according to a video promoting FinFisher, the software uses Apple’s popular iTunes in order to load snooping software onto the computers of the intended suspects.