Skype monitoring, Gmail hacks, and fake iTunes updates: How 'spy agencies' track you

1 of 23 NEXT PREV

The private intelligence sector makes millions, if not billions year on year by selling its spy tracking software, secretive hardware, and phone tapping and computer hacking wares to state intelligence services.

Often sold to the highest bidder without consequences, these companies can support civil rights breaking governments, and be used by state agencies to spy on its own citizens.

One of these companies, the Gamma Group, which alleged links to the repressive Egyptian regime that was dismantled by the recent Arab Spring revolution, is one of many companies that offers states and governments this capability.

This gallery will show you exactly how the Gamma Group can infiltrate your hard drives, mobile phones and even your applications.

--
To read more about the private intelligence sector, and the recent video releases in the Wikileaks' 'Spy Files', click here.

Related:
Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
The Gamma Group has a variety of videos that demonstrate how it can monitor targets through a range of products.

The FinIntrusion Kit can, using public Wi-Fi, access usernames and passwords of targets checking email, logging into websites, social networks and forums.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
It is not clear how this works, but one suspects it involves software-based deep-packet inspection, that can then be used to access the private data.

The software gives its headquarters access to all of the captured accounts.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinSpy demonstrates how the 'target' can be having a Skype conversation, but allows its headquarters full access to the target's system. This includes the video camera if one is available, any chat messages that are sent and received.

Truecrypt, the popular open-source encryption software, is also used in this video.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
The software has keylogger capabilities. This allows the 'agent' to see the password that is being entered to encrypt the files, and file access gives the 'agent' access to the encrypted volume.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
This then gives the headquarters access to any encrypted files the 'target' has.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinSpy gives headquarters unlimited access to a mobile device. The 'target' receives a fake update message to his device. Should the user download the update, the software will be installed on the device.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Once the device is infected with the tracking software, the headquarters will be given full access to the smartphone, including messages and encrypted content.

While the 'target' in this video shows a BlackBerry being remotely accessed, other smartphones are affected, according to leaked documentation.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinUSB Suite allows 'agents' to access computers through a USB drive ladened with the software. Provided the office or 'target' computer is vacated, the software can access the computer's files immediately after the USB drive is plugged in.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
The employee "must wait until all data is transferred", before removing the device that contains a "silent copy of files".

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Chat logs, browsing history and the contents of Windows' Recycle Bin are all copied over to the USB device.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Headquarters can then "generate reports" based on the imported data, using specialist software.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinFireWire allows the 'agent' to covertly unlock a password-protected computer. From here, the previously mentioned FinSpy can be installed on the target computer, giving headquarters full access to the infected machine.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinFly USB allows broad snooping on a range of machines. The 'agent' can visit multiple Internet café's, and insert a USB drive on all machines.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
If the 'target' uses one of the infected machines, all of their activity will be recorded, including Skype conversations. This is functionality that even the U.S. National Security Agency has reportedly had difficult with; intercepting the peer-to-peer infrastructure that Microsoft recently acquired.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinFly LAN can inject downloads with spying software. If the 'target' is downloading files from the web, the 'agent' can run the software to discover the 'target' machine.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Because all the systems are connected via the same network, the 'agent' can inject FinSpy software in the download itself. This then gives the headquarters full access to the machine.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
FinFly Web works by targeting Wi-Fi networks within the near vicinity. This requires use of a surveillance van or similar mobile equipment.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Headquarters can then exploit the 'target' by "infecting visited websites" with the tracking software.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Should the 'target' accept a popup, for example, this can lead to the silent installing of the FinSpy tracking software, giving headquarters full access to the infected computer.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
Perhaps most ominous of all these tracking products, FinFly ISP would involve an 'agent' deploying the server into the core network.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
This server can then be used to analyse traffic for "easy 'target' identification". It is thought that combined hardware and software efforts offer similar (or exact) functionality to deep packet inspection.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker
If the 'target' connects to the Internet through his infected ISP, the software can send a fake iTunes update to the target system. If the user accepts, then full access to the machine is given to the headquarters.

Published: December 11, 2011 -- 13:11 GMT (05:11 PST)
Caption by: Zack Whittaker