iTunes Update Said to Plant Back Door for Government to Access All Your Data on Your Computer or Smartphone

The Internet Patrol - Patrolling the Internet for You

If you were one of an untold number of people who received a particular iTunes update, it will likely have planted a Trojan backdoor on your computer or smartphone (primarily iPhone or Blackberry) which allows government and law enforcement agencies access to your personal data. Let us be quick to add that this is a fake iTunes update. The malware (or “commercial software” depending on which side of this you are on) is sold primarily by three companies: Gamma FinFisher, Vupen Security, and HackingTeam. Gamma’s FinFisher product is from the UK, Vupen Security is out of France, and HackingTeam is in Italy, however all of the companies sell their software around the world.

First brought to public awareness a few days ago by Wikileaks founder Julian Assange, the revelation has been taken by some with a grain of salt because of the source. However, independent sources, including the Wall Street Journal, have confirmed the information.


While the companies such as Gamma FinFisher, Vupen and HackingTeam claim to only sell their software to legitimate government agencies and law enforcement departments, the methods that they use to get their software onto your system are anything but orthodox.

Gamma openly admits that their FinFisher software gets installed on target devices by, and we quote, “sending fake software updates for popular software.” By way of example, Gamma cites an instance where their FinFisher was used deployed an intelligence agency by tricking Blackberry users into downloading the FinFisher software, which the intelligence agency then used to “monitor all communications, including [texts], email and BlackBerry Messenger.”

In another example, says Gamma, FinFisher was deployed by intelligence agents “within the main Internet service provider of their country” and installed on people’s computers by “covertly injecting” FinFisher code on websites that people then visited.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

Gamma FinFisher is marketed as being able to be used on all devices by Apple, Microsoft and Blackberry.

So far Microsoft and Research in Motion (who manufactures the Blackberry) have declined to comment on the matter.

Apple, however, has issued a statement, saying that Apple works hard “to find and fix any issues that could compromise systems” and in fact Apple released an iTunes update a few weeks ago intended to thwart such actions on the part of software like FinFisher, which is essentially a “man in the middle attack”.

 

This is of particular note because FinFisher is known to be installed on computers via a fake iTunes update.

[ Get the iTunes update to thwart FinFisher here. ]

It is worth noting here that at least one security researcher noted the security hole that allows this – and warned Apple about it – more than 3 years ago, and people are asking why Apple left it open (particularly when they are known to close security holes within weeks, not years) until it came to more public hue and cry now.

A statement released by Wikileaks claims that “Surveillance companies like SS8 in the U.S., Hacking Team in Italy and Vupen in France manufacture viruses (Trojans) that hijack individual computers and phones (including iPhones, Blackberries and Androids), take over the device, record its every use, movement, and even the sights and sounds of the room it is in. Other companies like Phoenexia in the Czech Republic collaborate with the military to create speech analysis tools. They identify individuals by gender, age and stress levels and track them based on ‘voiceprints’. Blue Coat in the U.S. and Ipoque in Germany sell tools to governments in countries like China and Iran to prevent dissidents from organizing online.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.