Indian Officials Allegedly Spied On by Pakistan`s Malware

Some 30 Indian officials are being surveyed without their knowledge through the FinFisher governmental spying system, according to a report issued by the Cyber Security and Privacy Foundation.

A set of documents recently disclosed by WikiLeaks show how the spying program is used by the Pakistan government to target IP addresses of Indian officials to steal private data from their computers. The tool is known to intercept Skype conversations, capture keystrokes, monitor webcam and microphones, trace location and steal files from the device it`s installed on.

Malware has allegedly infiltrated the victims` network when they clicked to view an image of the Khushab Nuclear Complex, a plutonium production nuclear reactor located near Punjab, Pakistan.

According to a message from a customer, the program is designed to work even when the computer is turned off.

“We would be pleased if Gamma can add a feature in which the agent is able to select the files to download even when the target is offline and whenever the target comes online, those selected files may be downloaded without the interaction required from user,” the report says.

The program is also capable of bypassing TrueCrypt, a free encryption tool. Since it boosts “advanced polymorphic cryptors”, detecting it through traditional anti-malware software can prove difficult.

“Most antivirus companies only use MD5 hashes to identify the spyware on computers,” it adds. “We recommend Government of India to take immediate steps to develop specialized scanners which can identify/protect against FinFisher attacks from neighboring countries. “