Skip to main content

Mozilla takes action against spyware company impersonating Firefox

Mozilla has issued a cease-and-desist letter against a company that is masking its spyware products to make it look as if it's actually Mozilla's Firefox browser.

The University of Toronto's Citizen Lab recently released a report that highlighted the market for offensive computer network intrusion capabilities developed by Western companies. It discovered that Gamma International has designed its spyware to trick people into thinking they're using Firefox.

As a result, Mozilla issued its cease-and-desist order, "demanding that these illegal practices stop immediately," Alex Fowler, head of privacy and public policy at Mozilla, wrote in a blog post.

If someone who has a computer running Gamma's FinSpy programme, for example, suspects foul play and goes digging into their PC files, FinSpy might be labeled as "firefox.exe," just like a legitimate copy of the Mozilla browser.

"This is not the first time that a FinSpy sample has used the 'Mozilla Firefox' product name to masquerade as legitimate software," Citizen Lab said. "Samples from the FinSpy campaign targeting Bahraini activists last year used an assembly manifest that impersonated Mozilla's Firefox browser."

Mozilla said FinSpy has also been linked to spying ahead of Malaysia's General Elections.

"We cannot abide a software company using our name to disguise online surveillance tools that can be – and in several cases actually have been – used by Gamma's customers to violate citizens' human rights and online privacy," Mozilla's Fowler said.

Fowler pointed to FinSpy marketing materials, which were published on Wikileaks, and pitch government clients. It says that the software can be remotely controlled and accessed, bypassing anti-virus programmes, tapping into Skype, conducting live surveillance via webcam and microphones, silently extracting files, and more.

Gamma International did not immediately respond to a request for comment.