Bloomberg the Company & Products

Bloomberg Anywhere Login

Bloomberg

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.

Company

Financial Products

Enterprise Products

Media

Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000

Communications

Industry Products

Media Services

Follow Us

Gamma Says No Spyware Sold to Bahrain; May Be Stolen Copy

Don't Miss Out —
Follow us on:
Morgan Marquis-Boire
University of Toronto Munk School of Global Affairs’ Citizen Lab security researcher Morgan Marquis-Boire. Photographer: Jacob Kepler/Bloomberg

July 27 (Bloomberg) -- Gamma International GmbH’s managing director said his company didn’t sell its FinFisher spyware to Bahrain, responding to research that showed activists from the Persian Gulf kingdom were targeted by what looked like the software, which can secretly monitor computers.

The Munich-based executive, Martin J. Muench, said he’s investigating whether the malicious software sent to activists was a demonstration copy of the product stolen from Gamma and used without permission.

“As you know we don’t normally discuss our clients but given this unique situation it’s only fair to say that Gamma has never sold their products to Bahrain,” Muench said in an e-mail today.

He was responding for the first time to a July 25 report by Bloomberg News that said researchers believe they’ve identified copies of FinFisher, based on an examination of the malware e-mailed to Bahraini activists. Their research, published the same day by the University of Toronto Munk School of Global Affairs’ Citizen Lab, was based on e-mails obtained by Bloomberg News.

Muench said his company can’t yet confirm whether the software analyzed by Citizen Lab is Gamma’s product.

FinFisher Portfolio

Gamma International GmbH in Germany is part of U.K.-based Gamma Group. The group also markets FinFisher through Andover, England-based Gamma International UK Ltd. Muench, 30, leads the FinFisher product portfolio.

The Citizen Lab research linked the malware sent to pro-democracy activists to FinSpy, part of the FinFisher spyware tool kit. It can secretly take remote control of a computer, copying files, intercepting Skype calls and logging every keystroke.

Based on details published by Citizen Lab, “it is unlikely that it was an installed system used by one of our clients but rather that a copy of an old FinSpy demo version was made during a presentation and that this copy was modified and then used elsewhere,” Muench wrote in his e-mail.

“The modification meant that there was no message sent to our server when the demo product was used against a real target,” he said. An unaltered demo would have sent a message to Gamma, and the company would have been able to deactivate that copy of the software, he said.

“I can speculate that probably the demonstration version may have been stolen using a flash drive but I have no evidence to support this,” Muench said. He added that Gamma will tighten its security during presentations.

The Citizen Lab research showed the malware took screen shots, intercepted voice-over-Internet calls and transmitted a record of every keystroke to a computer in Manama, the capital of Bahrain, which has been gripped by tension since a government crackdown on protests last year.

Muench said the transmissions to Bahrain don’t mean the computer ultimately receiving the data is in that country.

“It could simply be a proxy server, which most of our clients setup around the world to anonymize the created network traffic,” he said.

He said in the e-mail that Gamma complies with the export regulations of the U.K., U.S. and Germany.

To contact the reporter on this story: Vernon Silver in Rome at vtsilver@bloomberg.net;

To contact the editor responsible for this story: Melissa Pozsgay at mpozsgay@bloomberg.net

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.