Surveillance Company Gamma International Says It Sent Fake iTunes, Flash Updates

Gamma International UK Ltd. touts its ability to send a "fake iTunes update" that can infect computers with surveillance software, according to one of the company's marketing videos.

The Wall Street Journal unveiled on Saturday the "Surveillance Catalog" - an online database containing highlights from surveillance industry marketing documents. The documents show dozens of companies making and selling everything from "massive intercept" gear that can gather all Internet communications in a country to "hacking" tools that allow governments to break into people's computers.

Gamma was one of three companies marketing their skill at the kind of techniques usually used in "black hat hacking," the type of intrusion used by criminals trying to steal people's financial details.

All of the hacking companies say they sell their tools to law enforcement and governments to help them track down criminals. People in this new industry say their tools are necessary because terrorists and criminals are communicating online and hiding behind encryption and other techniques.

Perhaps the most extensive marketing materials came from Gamma's FinFisher brand, which says it works by "sending fake software updates for popular software," from Apple, Adobe and others. The FinFisher documentation included brochures in several languages, as well as videos touting the tools.

Gamma's FinFisher documents claim its tools can infect files that are being downloaded. In particular, the FinFly ISP video says it can send a "fake iTunes update" to the computer government agents want to infect. The FinFly ISP video file viewed by the Journal was unable to be reproduced for the original "Surveillance Catalog," but the Journal was able to obtain several screenshots Monday.


An Apple spokeswoman was quoted in Saturday's story as saying the company works "to find and fix any issues that could compromise [users'] systems." Apple last week introduced a security update to iTunes that could stop an attack similar to the type FinFisher claimed to be using, namely offering bogus software updates that install its spyware. "The security and privacy of our users is extremely important," the Apple spokeswoman said.

The FinFisher documents also say that its tool can allow a website to pretend that software such as Adobe's Flash is missing and will prompt the user to download the software. Adobe declined to comment.

FinFisher documentation offers several examples of how its software might be used - from fighting organized crime to terrorism to the more vague "targets." Gamma did not immediately respond to requests for comment.

Privacy advocates say they are concerned that such technology is being marketed to low-level law enforcement because the more people who have access to such "hacking" tools, the less oversight will be possible.

"The use of this technology represents a huge encroachment on civil rights and could only be justified during the most serious national security investigations," said Eric King, of the U.K. nonprofit Privacy International.

Der Spiegel published a profile of the techniques described in Gamma's FinFisher documents Monday in German