Shhh… WikiLeaks Released Weaponized German Surveillance Malware (For Download) Used by Intelligence Agencies Around the World

Intelligence agencies around the world have been spying on journalists, activists and political dissidents using a surveillance malware produced by FinFisher, a German company specializing in computer intrusion systems, the exploitation of software and remote monitoring systems capable of intercepting communications and data from various devices, according to WikiLeaks which revealed Monday the latest published batch of secret documents.

The whistleblower website also released a list of FinFisher customers, which includes “Slovakia, Mongolia, Qatar State Security, South Africa, Bahrain, Pakistan, Estonia, Vietnam, Australia NSW Police, Belgium, Nigeria, Netherlands KLPD, PCS Security in Singapore, Bangladesh, Secret Services of Hungary, Italy and Bosnia & Herzegovina Intelligence”.

The FinFisher’s spyware is able to intercept communications and data from computers installed with the Mac OS X, Windows and Linux operating systems, as well as Android, iOS, BlackBerry, Symbian and Windows Mobile portable devices.

“FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers,” said WikiLeaks founder Julian Assange.

But what makes the latest WikiLeaks release really stands out this time is that it did not simply release documents but posted the actual software for anyone to download- YES, the actual zip files containing the malware on its site but with this warning:

In order to prevent any accidental execution and infection, the following files have been renamed and compressed in password protected archives (the password is “infected”). They are weaponised malware, so handle carefully.”