Mozilla demands firm halt spyware masquerading as Firefox

By on May 1, 2013, 5:30 PM

Gamma International, a British security firm with ostensibly few scruples, has been accused of developing surveillance software which intentionally masquerades as Firefox. The program's unauthorized similarities to Mozilla's well-known browser prompted the organization to issue a cease-and-desist notice in an effort to protect the integrity of its brand.

The Mozilla Foundation discovered Gamma unsavory Firefox clone through Citizen Lab, an organization who remains active in areas intersecting computer science, research and politics. Citizen Lab's report, subtitled "The commercialization of digital spying" (pdf) shows evidence of Gamma's seemingly willful IP violation. Check out pages between 107 and 111 for more detail.

Gamma's Firefox knock-off appears to be a variation of FinSpy / FinFisher -- spyware thought to be commonly (and covertly) used by governments for surveillance purposes. Just as a virus might, the spyware's payload replaces Firefox's legitimate binary (Firefox.exe) with its own customized version, allowing a command and control center to spy on unsuspecting users. The firm actually touts the program's ability to be secretly deployed, encouraging its use by police and intelligence agencies. 

Worse yet, it also appears Gamma blatantly copied Firefox's MPL-licensed code. "For an expert user who examines the underlying code of the installed spyware," Mozilla notes. "Gamma includes verbatim the assembly manifest from Firefox software." Mozilla's MPL license affords many freedoms to third-party developers, but it does not grant the right to copy trademarks or otherwise patented properties.

Gamma's ironic subversion of Mozilla's Firefox brand has the foundation up in arms, particularly since Mozilla is a staunch advocate for Internet freedom and privacy rights -- ideals which Gamma likely doesn't find itself in alignment with.

"We cannot abide a software company using our name to disguise online surveillance tools that can be – and in several cases actually have been – used by Gamma's customers to violate citizens' human rights and online privacy," Mozilla's Alex Fowler stated.

Gamma has not yet issued a response.




User Comments: 11

Got something to say? Post a comment
psycros psycros said:

This company should be shut down immediately and its leadership fined and/or imprisoned. By the laws of any western nation their guilty of cybercrime.

VitalyT VitalyT said:

I stick by the old proverbial and controversial saying: They should be taken to a clear field, stood face to the wall, and shot right in the forehead.

1 person liked this | Lurker101 said:

I stick by the old proverbial and controversial saying: They should be taken to a clear field, stood face to the wall, and shot right in the forehead.

If it's a clear field, how does one face the wall?

VitalyT VitalyT said:

If it's a clear field, how does one face the wall?

It's a joke of controversy, same goes if you put someone face to the wall, you can't shoot him in the forehead

Lurker101 said:

It's a joke of controversy, same goes if you put someone face to the wall, you can't shoot him in the forehead

I was going to mention that as well, but then I realised that you can, if you've got a big enough bullet.

VitalyT VitalyT said:

I was going to mention that as well, but then I realised that you can, if you've got a big enough bullet.

Or, if you got big enough imagination, anything is possible then It's like removing tonsils through anus - another russian joke

1 person liked this | Lurker101 said:

Or, if you got big enough set of forceps, anything is possible, like removing tonsils through anus

Fix'd

Also, I fear we may be going slightly off topic here.

Guest said:

It's a CIA front. Sure, they may shut down, but next month they will be back as Chrome.exe !

VitalyT VitalyT said:

It's a CIA front. Sure, they may shut down, but next month they will be back as Chrome.exe !

Antivirus manufacturers should pick up on this and pattern in for detection as malware. They may have already, hard to know. I used Avast for 2 years, and just changed it to BitDefender, none ever reported such fake browsers.

Skidmarksdeluxe Skidmarksdeluxe said:

I stick by the old proverbial and controversial saying: They should be taken to a clear field, stood face to the wall, and shot right in the forehead.

Yeah... or stabbed with a shotgun.

Skidmarksdeluxe Skidmarksdeluxe said:

Why doesn't Mozilla sue them for all they're worth? They should take a leaf from Apple's book.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.