From the Editors
[The following press release was issued by Bahrain Watch on 25 July 2012.]
UK COMPANY HELPS BAHRAIN GOVT SPY ON ACTIVISTS
Malicious E-Mail Attachments Sent to Activists Steal Passwords, Record Skype Calls
Bahrain’s government is spying on Bahraini activists with a malicious computer program apparently supplied by a UK firm.
Bahrain Watch founding member Bill Marczak, and Citizen Lab security researcher Morgan Marquis-Boire analyzed a string of suspicious e-mails sent to activists over the past two months. The e-mails promised exclusive images or documents about the political situation in Bahrain. Upon closer examination, the e-mails were found to contain attachments that installed a malicious program on a victim’s computer. Some of these e-mails impersonated Al Jazeera English reporter Melissa Chan.
The malicious program was found to record keystrokes, take screenshots, record Skype calls, and steal passwords saved in web browsers, e-mail programs, and instant messaging programs. The malicious program sent this data to an internet address in Bahrain.
The analysis suggests that the malicious program is “FinSpy,” a product of UK firm Gamma International. FinSpy belongs to the FinFisher suite for “Governmental IT Intrusion and Remote Monitoring Solutions.” Gamma International was criticized for apparently selling the same product to Mubarak’s regime in Egypt. Before technology giant Apple closed the security gap, FinSpy would infect computers by tricking users into thinking that it was an iTunes update. London-based NGO Privacy International has threatened to take the UK government to court for failing to control the export of surveillance technology to repressive foreign regimes.
During the analysis of FinSpy, a stolen GMail password was later used in an attempt to access the GMail account, suggesting that the Bahraini government is actively monitoring and exploiting the information captured by FinSpy.
A detailed report of the technical analysis of the program can be read at:
A non-technical report of the analysis by Bloomberg News can be read at:
Bahrain Watch would like to extend its gratitude to all of the activists, researchers, and journalists, including those at Bloomberg News, who contributed to this story.
Have I Been Infected?
The malicious e-mails analyzed were sent from the following addresses:
The malicious e-mails analyzed had the following subject lines:
- Existence of a new dialogue - Al-Wefaq & Government authority
- Torture reports on Nabeel Rajab
- King Hamad planning
- Breaking News from Bahrain – 5 Suspects Arrested
The malicious attachments display images or documents when opened. If you have received e-mails with these subject lines or from these addresses, DO NOT OPEN THE ATTACHMENTS. If you opened one of the attachments, your computer may be infected. STOP USING THE INFECTED COMPUTER IMMEDIATELY.
If you have received these e-mails, or any other suspicious e-mail about Bahrain with an attachment, please contact email@example.com with details.
Tips for Safe Internet Usage
Do not open unsolicited attachments received via email, Skype or any other communications mechanism. If you believe that you are being targeted, be especially cautious when downloading files over the Internet, even from links that are purportedly sent by friends.
Contact Bahrain Watch
If you prefer, email your comments to firstname.lastname@example.org.
Hot on Facebook
Jadalicious / جدلشس
وعلى قدر ما أرى فإن هيمنة البرجوازية على المجال الديمقراطي الناشئ لن تكتب ليمين الوسط بل ليسار الوسط باعتباره الوحيد القادر على إيجاد نظام رأسمالي تنموي يحظى بشرعية شعبيةclick | email | tweet
Latest EntriesView All Entries »
- New Texts Out Now: Anthony Alessandrini, Frantz Fanon and the Future of Cultural Politics
- Arabian Peninsula Media Roundup (August 19)
- Egypt Media Roundup (August 18)
- بداية ونهاية.. نحن نقص عليكم أسوأ القصص
- Linking Violence In Solidarity: Ferguson, Gaza, and the US State
- Last Week on Jadaliyya (August11-17)
- من كتاب "العالمية الأوروبية: خطاب السلطة" للمفكر وعالم الاجتماع إمانويل ولورستين
- جامعة أميركية توقف تعيين بروفيسور أصوله فلسطينية لانتقاده إسرائيل
- لا أسئلة شائكة في بيت غسّان كنفاني: آني وليلى في نضال الماضي والحاضر
- Egypt: Rab’a Killings Likely Crimes Against Humanity
- Multimedia and Publications Editor Position Now Open
- Persian Translation of Maya Mikdashi's 'Can Palestinian Men be Victims'
- Statement from Free Speech and Constitutional Law Scholars in Support of Steven Salaita
- Chronicles of a Death Foretold: The Kerry Negotiations
- The Terror Metanarrative and the Rabaa Massacre
- On 14 August, A Belated Obituary for Bassem Mohsen
- Press Release: Wear Black to Show Sympathy and Support for the People of Gaza
- The Wonder Box
- Scholars Pledge to Boycott UIUC Over the Firing of Steven Salaita
- ما بعد الناصرية الجزء الثاني
Jad NavigationView Full Map, Topics, and Countries »
@sakkeh3arja @im_PULSE Hate to break it to قلق but we are working on other matters too, and still addressed all your anger/insults, & more.
10 hours ago
@sakkeh3arja Not at all. Yourself and Pulse, as well as others, will be invited to join an e-roundtable to address this properly.
10 hours ago
@sakkeh3arja just saw this comment. shows you're really angry, and incorrect in this assumption/tweet.
10 hours ago
@sakkeh3arja no denials. it's for all to see, and follow. despite ur accusations and insults, we engaged. must sign off for real now.
10 hours ago
@sakkeh3arja no changing of story. the emphasis is on DC because of its gravity/relations/power, even if it happens elsewhere. not odd.
11 hours ago