Canada is among 25 countries linked to a spyware network that is being used by repressive governments to stifle dissent, according to researchers at the University of Toronto.
A new study from the Citizen Lab at the Munk School of Global Affairs has identified Canada as one of the countries where servers are hosted for FinFisher, a trojan horse program that can evade software security measures and log keystrokes on a computer, turn on cameras and microphones, grab screen images and even listen in on Skype chats.
Also known as FinSpy, the software first came to researchers’ attention in the spring of 2011, when protesters in Egypt raided a government office and found a proposal from FinSpy’s makers to sell the program to the government of then-Egyptian President Hosni Mubarak.
The software’s makers, U.K.-based Gamma International, say the software is meant to be used “against pedophiles, terrorists, organized crime, kidnapping and human trafficking,” according to the New York Times.
But the Citizen Lab researchers say the software is "regularly obtained by countries where dissenting political activity and speech is criminalized."
“A FinSpy campaign in Ethiopia uses pictures of Ginbot 7, an Ethiopian opposition group, as bait to infect users. This continues the theme of FinSpy deployments with strong indications of politically-motivated targeting,” the Citizen Lab report states.
“There is strong evidence of a Vietnamese FinSpy Mobile Campaign. We found an Android FinSpy Mobile sample in the wild with a command & control server in Vietnam that also exfiltrates text messages to a local phone number.”
The researchers identified a server operated by Softcom Inc., a web hosting service located in Canada, as hosting FinSpy. But because this is a hosting service, it’s difficult to say who is operating FinSpy from that location, or for what purposes.
"They (Gamma) claim that they only sell to government, law enforcement and intelligence communities," said Morgan Marquis-Boire, a San Francisco-based engineer for Google who is one of the authors of the Citizen Lab report, in an interview with The Canadian Press.
"Given that hosting in (the web hosting company's) ranges is acquirable with the use of money, it's difficult to provide strong attribution."
Among the other countries where FinFisher servers are located are Mexico, Bangladesh, Malaysia, Serbia, Vietnam and the United States.
No government has ever admitted to using FinSpy, the New York Times reports.
“This is dual-use equipment,” Eva Galperin of the internet civil liberties activist group Electronic Frontier Foundation told the Times. “If you sell it to a country that obeys the rule of law, they may use it for law enforcement. If you sell it to a country where the rule of law is not so strong, it will be used to monitor journalists and dissidents.”
But “if you look at the list of countries that Gamma is selling to, many do not have a robust rule of law,” Marquis-Boire told the New York Times. “Rather than catching kidnappers and drug dealers, it looks more likely that it is being used for politically motivated surveillance.”