The New South Wales police has declined to comment on a WikiLeaks report that alleges the state police agency uses FinFisher malware for surveillance purposes.
This has been revealed in a WikiLeaks document released today.
“Given this technology relates to operational capability, it is not appropriate to comment,” a NSW Police spokesperson told Computerworld Australia.
According to WikiLeaks, FinFisher is a weaponised German surveillance malware tool used by “intelligence agencies around the world to spy on journalists, political dissidents and others".
The WikiLeaks report went on to say that FinFisher produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile smartphones.
In a statement, WikiLeaks editor-in-chief Julian Assange said that FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the “most abusive regimes in the world".
“The [Angela] Merkel government [in Germany] pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher by tracking down its command and control centres,” said Assange.
In March 2013, the IDG News Service reported that FinFisher was being used to track activists in countries including Vietnam and Ethiopia.
At the time, the University of Toronto’s Munk School of Global Affairs researchers published a report called You Only Click Twice: FinFisher’s Global Proliferation.
A sample of FinFisher, which the researchers dubbed FinSpy, appears to have been used to target an opposition group in Ethiopia called Ginbot 7, which was designated as a terrorist group by the country in 2011, according to Morgan Marquis-Boire, a security researcher and technical advisor at the Munk School and a security engineer at Google.
Follow Hamish Barwick on Twitter: @HamishBarwick