Activists release Detekt tool that finds surveillance malware

  • 20 November 2014

By Lucian Constantin  Nov 20, 2014
 
A free tool released Thursday allows users to scan their computers for surveillance malware that has been used in attacks against journalists, human rights defenders and political activists around the world.
 
The open-source tool is called Detekt and was developed by security researcher Claudio Guarnieri. It was released in partnership with Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International.
Detekt scans computers for infection patterns associated with several families of remote access Trojans (RATs): DarkComet RAT, XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT.
Some of these malware programs have been used in attacks by cybercriminals, but also in cyberespionage campaigns against non-governmental organizations, human rights activists, journalists and religious or ethnic minority groups.
 

3 replies

Strange.  Webroot indicates Detekt is a malware on my system!
@ wrote:
Strange.  Webroot indicates Detekt is a malware on my system!
Odd.... it does not get detected on mine.  

Government spyware-spotting project Detekt scores in first week of release

By Darren Pauli, 26 Nov 2014
The Detekt privacy tool has discovered the FinFisher law enforcement spyware masquerading as a benign bookmark manager.
Detekt was launched last week and allows users of Windows systems to inspect their machines for traces of known government spyware.
FinFisher, developed by Gamma Group International, was sold to authorities including Australia's NSW police, Belgium, the Netherlands, Singapore, Hungary and Italy.
Developer Claudio Guarnieri said on Twitter the tool discovered the malicious toolkit masquerading as the benign software, noting that an unknown user uploaded the file to the VirusTotal analysis engine.
New undetected HackingTeam sample just uploaded on VirusTotal https://t.co/CI3VD35iiL disguised as @outertech Linkman pic.twitter.com/01aDSO9SoA
— Claudio (@botherder) November 23, 2014