German prosecutors have launched an investigation into the use of FinFisher by foreign intelligence agencies targeting individuals inside Germany. The investigation was prompted by last year’s hacking of German-British firm Gamma International, in which company files were published online by WikiLeaks. Using the leak, individuals from Bahrain Watch used it to identify opposition activists in Bahrain’s civil war that were targeted by the software.
The Bahraini government is one of several regimes across the world who are believed to have purchased the software, and the presence of the software in the country was detailed in the Citizen Lab report, entitled “From Bahrain With Love: FinFisher’s Spy Kit Exposed?” The information released by Wikileaks showed that 15 of the 2,500 IP addresses targeted by the software were located in Germany. This means that German surveillance technology may be being used to target human rights defenders based in the country, though FinFisher has denied selling the software to the Bahraini government.
Citizen Lab has identified the software on individual activists’ computers, and its research on FinFisher in Bahrain has also prompted legal action by Privacy International.
Citizen Lab research also assisted in producing the finding that the South African Revenue Service (SARS) used FinFisher to spy on the computers of its targets. The article cites Citizen Lab as the first to suggest the possible presence of FinFisher Command and Control servers in South Africa, as detailed in the report “For Their Eyes Only: The Commercialization of Digital Spying.” South African Police, the State Security Agency, and the Department of Communications have not confirmed who is running the FinFisher servers inside the country.