The software was allegedly used by the former Egyptian government of Hosni Mubarak to spy on dissidents and by the Bahraini government to spy on Bahraini activists in Britain – the latter resulting in the software having been found in breach of human rights. Kaspersky has presented the findings of an eight-month probe into the FinFisher spyware toolset – including the discovery of a UEFI "bootkit" infection method and "advanced anti-analysis methods" such as "four-layer obfuscation."įinFisher, also known as FinSpy, is a product from Anglo-German spy firm Gamma International and supplied exclusively to law enforcement and intelligence agencies for use as a surveillance tool. Trend Micro has confirmed Wardle and Privacy First's fears are true, and that browser histories were collected as part of the code's installation. In fact, the Dr Cleaner and Dr Antivirus products were named alongside AdWare Doctor as bad actors in the initial PrivacyFirst report on the matter. The takedown comes just days after Privacy First and Wardle found that another App Store security product, AdWare Doctor, was pulled for exhibiting nearly the exact same malicious activity. Wardle noted that those running preview versions of Mojave would have had the product running within new sandbox protections that would have blocked access to private data such as browsing history. "The other benefit is that Apple supposedly vets all submitted applications - but as we've clearly shown here, they (sometimes?) do a miserable job.)"įortunately, the newest version of Apple's OS appears to have addressed the first part of that.
"From a security and privacy point of view, one of the main benefits of installing applications from the official Mac App Store is that such applications are sandboxed," Wardle blogged. If you have one of the programs listed by GuardianApp, remove it – and beware other tools that may snaffle your location. It appears two dozen, at least, mobile apps from Apple's official store sell people's whereabouts to marketing firms. It's not just macOS applications leaking private data – "a growing number of iOS apps have been used to covertly collect precise location histories from tens of millions of mobile devices," GuardianApp reported before the weekend.
0 kommentar(er)
