According to a research published on Wednesday by the University of Toronto Munk School of Global Affairs’ Citizen Lab Bahraini activists have been targeted by a Spyware which take control of a computer, copy files, intercept Skype calls and transmits a record of every keystroke to a computer in Manama.
The group based their research on five different e-mails obtained by Bloomberg News from activists targeted by the malware.
According to researchers from the University of Toronto, rights activists were targeted by the spyware FinFisher in April and May.
The malware, which is sold by the UK-based Gamma group, was sent to potential victims via e-mails. In the emails, activists were encouraged to open the document attached. One of the emails, which was sent from firstname.lastname@example.org, a fake address, which could have easily fooled recipients as Melissa Chan is a real correspondent for Al Jazeera, read: "Acting president Zainab Al-Khawaja for human rights Bahrain reports of torture on Mr Nabeel Rajab after his release [sic] Please check the attached detailed report along with torture images"
The emails generally suggested that the attachments contained political content of interest to pro-democracy activists and dissidents.
The victims of FinFisher included naturalized U.S. citizen who owns gas stations in Alabama, a London-based human rights activist and a British-born economist in Bahrain. All of them told Bloomberg News they were not aware of “any law enforcement investigations or charges against them.”
“Selling software that allows for the taking over of computers without rule of law can lead to abuse,” Courtney Radsch, senior program manager for freedom of expression at Washington-based Freedom House, which promotes human rights, told Bloomberg News.
John Scott-Railton, a doctoral student at the University of California Los Angeles’ Luskin School of Public Affairs who has helped track Trojans in Libya and Syria told Bloomberg: “The Bahraini case is a breakthrough because it shows the use of a more sophisticated, invasive hacking tool available for purchase by nations that might not be able to develop their own cyber weapons”.
FinFisher is one of the many weapons used by governments in their cyber-war against activists whether it is Bahrain, Syria or Egypt.
Over the past 16 months, Syrian activists have been targeted many times including through the use of Trojans, which install spying software on their computer, but also through the use of fishing attacks which steal activists’ Youtube and Facebook login details.
TrendMicro, a Malware Blog discovered in April the existence of a website which purports to provide encryption for Skype while it actually installs DarkComet 3.3, a malware which enables the attacker to “capture webcam activity, disable notification setting for certain antivirus program, steal passwords and more.”