UK Firm Offered Custom Malware to Egyptian Security Services


Documents spilled into public view by the political unrest in Egypt in recent months have shone a spotlight on the shadowy world of for-profit, custom malware creation for governments around the world.

The anti-malware firm F-Secure first called attention to documents uncovered by protesting Egyptians back in March. They included a proposal to sell a product dubbed “FinFisher” to the Mubarak regime.

That “Governmental IT Intrusion” product is targeted at the law enforcement community, but Gamma apparently had no qualms about offering it to the Egyptian government, according to a 12-page proposal dated June 29, 2010. A scanned copy of the proposal is available from the F-Secure Web site.

The documents were reportedly obtained by Egyptian psychiatrist and protester Mostafa Hussein during a takeover of the headquarters of Egypt’s State Security in Nasr City on March 5.

Written in Arabic, the proposal is addressed to the State Security Investigation Department in Cairo, Egypt and purports to offer a wide range of Gamma’s products to the country’s security apparatus, including a “remote intrusion solution,” the FinSpy management software and agent. The total deal was projected to cost the government just over 287,000 Euros.

An attorney for the company, speaking to The Washington Times, denied that Gamma completed its sale to the Egyptian regime and claimed that the firm broke no laws in pursuing the sale of the FinFisher technology.

Still, the spectre of state-sponsored hacking and malware distribution has come to the fore in recent months, raised by leaked diplomatic cables from Wikileaks, the Stuxnet worm outbreak targeting Iran and plans uncovered with the compromise at security firm HB Gary Federal.

The Obama Administration issued guidance in March clarifying the use of the term “cyberspace” to describe a domain analogous to air, land, space and maritime operations.