hmmm - not good.

  • stj
    Great Sage 齊天大聖
    • Dec 2009
    • 30985
    • Albion

    #1

    hmmm - not good.

    http://cyberwarzone.com/finfisher-du...rsky-included/
  • Th3_uN1Qu3
    Believe in
    • Jul 2010
    • 6031
    • Romania

    #2
    Re: hmmm - not good.

    Not even Malwarebytes picked it up? That is indeed reason for worry.
    Originally posted by PeteS in CA
    Remember that by the time consequences of a short-sighted decision are experienced, the idiot who made the bad decision may have already been promoted or moved on to a better job at another company.
    A working TV? How boring!

    • stj
      Great Sage 齊天大聖
      • Dec 2009
      • 30985
      • Albion

      #3
      Re: hmmm - not good.

      "wanted" to pick it up / reported finding it, you mean!!!

      • cheapie
        null
        • Jul 2010
        • 849
        • USA

        #4
        Re: hmmm - not good.

        Is this a Windows-only (or Windows/Mac only) thing?

        • c_hegge
          Badcaps Legend
          • Sep 2009
          • 5219
          • Australia

          #5
          Re: hmmm - not good.

          Originally posted by Th3_uN1Qu3
          Not even Malwarebytes picked it up? That is indeed reason for worry.
          And what's really strange is that, of all Antivirus programs, McAfee picked it up
          I love putting bad caps and flat batteries in fire and watching them explode!!

          No wonder it doesn't work! You installed the jumper wires backwards

          Main PC: Core i7 3770K 3.5GHz, Gigabyte GA-Z77M-D3H-MVP, 8GB Kingston HyperX DDR3 1600, 240GB Intel 335 Series SSD, 750GB WD HDD, Sony Optiarc DVD RW, Palit nVidia GTX660 Ti, CoolerMaster N200 Case, Delta DPS-600MB 600W PSU, Hauppauge TV Tuner, Windows 7 Home Premium

          Office PC: HP ProLiant ML150 G3, 2x Xeon E5335 2GHz, 4GB DDR2 RAM, 120GB Intel 530 SSD, 2x 250GB HDD, 2x 450GB 15K SAS HDD in RAID 1, 1x 2TB HDD, nVidia 8400GS, Delta DPS-650BB 650W PSU, Windows 7 Pro

          • stj
            Great Sage 齊天大聖
            • Dec 2009
            • 30985
            • Albion

            #6
            Re: hmmm - not good.

            McAfee probably didn't get the bribe.
            that guy (John McAfee) has a history, he was prosecuted once for writing a virus to boost sales.

            • stj
              Great Sage 齊天大聖
              • Dec 2009
              • 30985
              • Albion

              #7
              Re: hmmm - not good.

              Originally posted by cheapie
              Is this a Windows-only (or Windows/Mac only) thing?
              the terrorists behind FinFisher have versions for every o.s. including mobile ones.

              • diif
                Badcaps Legend
                • Feb 2014
                • 6978
                • England

                #8
                Re: hmmm - not good.

                As it's been out over 3 years and is expensive, I'd like to think it wasn't picked up by many antivirus solutions.
                FinFisher is for Linux too.

                • cheapie
                  null
                  • Jul 2010
                  • 849
                  • USA

                  #9
                  Re: hmmm - not good.

                  Originally posted by diif
                  FinFisher is for Linux too.
                  Well, then.... let's hope that it doesn't become a big problem.

                  • stj
                    Great Sage 齊天大聖
                    • Dec 2009
                    • 30985
                    • Albion

                    #10
                    Re: hmmm - not good.

                    it can't get far in linux or osx without being given root access.

                    it's much harder to take over a nix box because the security works very differently than windoze.
                    the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
                    that's why you should always install a custom rom and lay off the app-store crap.

                    got an "eye-fone" - you're fucked in that regard!

                    • goontron
                      5000!
                      • Dec 2011
                      • 4108
                      • US

                      #11
                      Re: hmmm - not good.

                      Originally posted by stj
                      it can't get far in linux or osx without being given root access.

                      it's much harder to take over a nix box because the security works very differently than windoze.
                      the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
                      that's why you should always install a custom rom and lay off the app-store crap.

                      got an "eye-fone" - you're fucked in that regard!
                      +1 to get the equivalent of root on windows it's just one API call away.... with anything *nix it's a call to sudo, su, xdg-su, etc. and the rest would exceed the character limit of the forum.
                      Things I've fixed: anything from semis to crappy Chinese $2 radios, and now an IoT Dildo....

                      "Dude, this is Wyoming, i hopped on and sent 'er. No fucking around." -- Me

                      Excuse me while i do something dangerous


                      You must have a sad, sad boring life if you hate on people harmlessly enjoying life with an animal costume.

                      Sometimes you need to break shit to fix it.... Thats why my lawnmower doesn't have a deadman switch or engine brake anymore

                      Follow the white rabbit.

                      • ratdude747
                        Black Sheep
                        • Nov 2008
                        • 17136
                        • USA

                        #12
                        Re: hmmm - not good.

                        Originally posted by stj
                        it can't get far in linux or osx without being given root access.

                        it's much harder to take over a nix box because the security works very differently than windoze.
                        the same does not apply to fonez where the fone company / google are the root admin and you are just the user.
                        that's why you should always install a custom rom and lay off the app-store crap.

                        got an "eye-fone" - you're fucked in that regard!
                        Two points:

                        1. what finfisher was made to do doesn't require root... as spying on a single user doesn't require or benefit from taking the system down. Ideally such would change as little as possible to avoid detection.

                        2. A lot of phones don't allow for custom roms like my POS Att galaxy S4. locked bootloader and it was made after the batch disabling loki came out. I didn't know at the time ATT locked all their bootloaders... so I'm fucked for another year. Lucky to get root... and I couldn't even get safestrap to work (not that that compatible roms are any better, they still have touchwiz bullshit to pass the bootloader).

                        (Insert witty quote here)

                        • goontron
                          5000!
                          • Dec 2011
                          • 4108
                          • US

                          #13
                          Re: hmmm - not good.

                          Originally posted by ratdude747
                          Two points:

                          1. what finfisher was made to do doesn't require root... as spying on a single user doesn't require or benefit from taking the system down. Ideally such would change as little as possible to avoid detection.

                          2. A lot of phones don't allow for custom roms like my POS Att galaxy S4. locked bootloader and it was made after the batch disabling loki came out. I didn't know at the time ATT locked all their bootloaders... so I'm fucked for another year. Lucky to get root... and I couldn't even get safestrap to work (not that that compatible roms are any better, they still have touchwiz bullshit to pass the bootloader).
                          not sure what it would be spying on. all keyloggers (that i have found) crash X. clamAV is OSS, so yeah.....
                          • ratdude747
                            Black Sheep
                            • Nov 2008
                            • 17136
                            • USA

                            #14
                            Re: hmmm - not good.

                            Screenshots perhaps?
                            • stj
                              Great Sage 齊天大聖
                              • Dec 2009
                              • 30985
                              • Albion

                              #15
                              Re: hmmm - not good.

                              a nix app will need root access to get itself to reliably auto-start.
                              if it just attaches to a user process then it's dead after a reboot.
                              the only possible way around that is to spoof itself as a screensaver - but i'm not even sure that would work because the screen savers are in the root path and the terror-ware could not insert or link itself to the path without being root.
                              it also can't hide - not that protesters, journalists etc know how to look for it anyway.

                              • goontron
                                5000!
                                • Dec 2011
                                • 4108
                                • US

                                #16
                                Re: hmmm - not good.

                                Originally posted by ratdude747
                                Screenshots perhaps?
                                I would, but....
                                No seriously, where can I get a replacement print screen keycap for an IBM model m keyboard?
                                Attached Files
                                • stj
                                  Great Sage 齊天大聖
                                  • Dec 2009
                                  • 30985
                                  • Albion

                                  #17
                                  Re: hmmm - not good.

                                  you could patent that and sell modded keyboards to the u.s. government.
                                  call it the anti-Snowden keyboard layout!

                                  • Spork Schivago
                                    Badcaps Legend
                                    • Mar 2012
                                    • 4734
                                    • United States of America

                                    #18
                                    Re: hmmm - not good.

                                    Originally posted by stj
                                    a nix app will need root access to get itself to reliably auto-start.
                                    if it just attaches to a user process then it's dead after a reboot.
                                    the only possible way around that is to spoof itself as a screensaver - but i'm not even sure that would work because the screen savers are in the root path and the terror-ware could not insert or link itself to the path without being root.
                                    it also can't hide - not that protesters, journalists etc know how to look for it anyway.
                                    Not really arguing with you here but for KDE, I know you used to be able to put a shell script in /home/username/.kde/Autostart and it'd auto start when you logged into KDE. I don't know if that still works. I run Gnome now. /home/username/.kde/Autostart would be owned by the user, not root, I'd like to think.
                                    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

                                    • stj
                                      Great Sage 齊天大聖
                                      • Dec 2009
                                      • 30985
                                      • Albion

                                      #19
                                      Re: hmmm - not good.

                                      kde autostart won't work with kde4, i know because i tried to use it once for a christmas screen decoration.
                                      it worked in kde3 though.
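
Added example, not written by any poster in this thread: a defender-side audit of the per-user login autostart locations discussed in the posts above, reporting what each entry would launch and who owns it. The `.kde/Autostart` path comes from the thread; `.config/autostart` and `.config/systemd/user` are assumptions added here, as are all function names and the constructed sample home directory.

```python
import stat
import tempfile
from pathlib import Path

# ".kde/Autostart" is the path named in the thread; the other two are
# assumptions added for this example (XDG autostart, systemd user units).
USER_AUTOSTART_DIRS = (".kde/Autostart", ".config/autostart", ".config/systemd/user")

def declared_command(path):
    """Return the Exec=/ExecStart= command of a .desktop or unit file, if any."""
    try:
        for line in path.read_text(errors="replace").splitlines():
            key, _, value = line.partition("=")
            if key.strip() in ("Exec", "ExecStart"):
                return value.strip()
    except OSError:
        pass
    return None

def audit_autostart(home):
    """List files under `home` that a desktop session starts at login."""
    findings = []
    for rel in USER_AUTOSTART_DIRS:
        directory = Path(home) / rel
        if not directory.is_dir():
            continue
        for entry in sorted(p for p in directory.iterdir() if p.is_file()):
            st = entry.stat()
            findings.append({
                "path": str(entry.relative_to(home)),
                "owner_uid": st.st_uid,  # non-zero uid: the owner can change it without root
                "executable": bool(st.st_mode & stat.S_IXUSR),
                "runs": declared_command(entry),
            })
    return findings

def build_sample_home(root):
    """Constructed sample data: a fake home directory with two entries."""
    kde, xdg = Path(root, ".kde/Autostart"), Path(root, ".config/autostart")
    for d in (kde, xdg):
        d.mkdir(parents=True)
    (kde / "decoration.sh").write_text("#!/bin/sh\necho hello\n")
    (kde / "decoration.sh").chmod(0o755)
    (xdg / "updater.desktop").write_text(
        "[Desktop Entry]\nType=Application\nExec=/home/user/.cache/updater --quiet\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_autostart(build_sample_home(tmp)):
            print(finding)
```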

                                      • Agent24
                                        I see dead caps
                                        • Oct 2007
                                        • 4951
                                        • New Zealand

                                        #20
                                        Re: hmmm - not good.

                                        Interesting but that VT scan has not been updated for a couple of months.. needs to be re-scanned to see what's up now... but they have to re-upload the file I think
                                        "Tantalum for the brave, Solid Aluminium for the wise, Wet Electrolytic for the adventurous"
                                        -David VanHorn
