If you’re a conspiracy theorist and believe that your every move is being tracked, monitored, and secretly recorded, you may not be too far off base if your phone is infected with the FinFisher spyware. Given the number of sensors and radios in a smartphone, your portable personal phone isn’t just your window of communication to others, it is also a powerful computer with always-on mobile broadband access that can send information to malicious sources if hacked. And that’s the goal of the FinFisher, which was originally marketed to law enforcement agencies, though one of the copies has been stolen.
Essentially, FinFisher takes over your phone and can turn on and off the microphone, GPS for location information, and monitors your emails, text messages, and voice calls. The program affects a variety of popular mobile platforms today, including Windows Phone, iOS, Android, Symbian and BlackBerry. Once installed, the maker of FinFisher, Gamma, says that the phone can be remotely controlled and monitored anywhere in the world.
Right now, the way to get infected is to visit a web link and download the virus itself, or to click on a text message with a link for a ‘system update.’ Security experts caution that users should only install and download programs from trusted sources.
Though the spyware is powerful, it does not take advantage of any vulnerabilities in any phone’s OS, Bloomberg reports.
In addition to smartphones, Gamma also has a variant of the FinSpy/FinFisher software designed for desktop computers with similar results–to monitor the computers, listen in on Skype calls, and turn on and off the cameras and microphones.
The company is still investigating how its software has been leaked into the wild. For now, download apps from official app stores only and click on links with caution.