FINFISHER: FinFly USB 1.0
Product Specifications
Copyright 2010 by Gamma Group International, UK
Date 2010-03-22
Release information
Version
|
Date
|
Author
|
Remarks
|
1.0
|
2010-03-22
|
mjm
|
Initial Version
|
1.1
|
2010-06-29
|
ht
|
New format
|
|
|
|
|
|
|
|
|
|
|
|
|
Table of Content
1 Overview 4
2 Capabilities 5
2.1 FinSpy Integration 5
2.2 Supported Operating Systems 5
2.3 Automated Execution 5
3 Components 6
4 Anti-Virus Testing 7
5 Updates & Support 7
1Overview
FinFly USB is designed to help Law Enforcement and Intelligence Agencies to covertly deploy FinSpy onto Target Systems where physical access is possible.
The device automatically deploys the FinSpy software onto Target Systems with little or no user intervention.
This document describes the full capabilities, included hard- and software, antivirus testing and the support and update system.
2Capabilities 2.1FinSpy Integration
The FinSpy product has full support for FinFly USB devices which enables the end-user to directly install the generated FinSpy Target executables onto the inserted USB dongles and activate them.
Integration Example
2.2Supported Operating Systems
Currently the following Operating Systems are supported by the FinFly USB Dongle:
-
Microsoft Windows 2000 (all Service Packs)
-
Microsoft Windows XP (all Service Packs)
-
Microsoft Windows Vista (all Service Packs)
-
Microsoft Windows 7 (all Service Packs)
The FinFly USB Dongle needs to be plugged into a running and unlocked Target System.
The automatic execution feature depends on the currently running Windows system, including its patch-level, installed protection tools and configuration.
On default configurations, the automated execution behavior is the following:
Operating System
|
Default behavior
|
Windows 2000 <= SP3
|
Manual interaction required
|
Windows 2000 SP4
Windows XP
|
Autorun on Insertion
|
Windows Vista
Windows 7
|
Depending on the configuration interaction might be required
| 3Components
Component
|
Details
|
5 FinFly USB Dongles
|
Model: SanDisk Cruzer Micro
Storage Size: min 8GB
Extras: U3 Functionality
|
Documentation
|
1 User Manual
1 Product Specifications
|
4Anti-Virus Testing
The FinFly USB Dongle utilizes various techniques to bypass most known Anti-Virus and Anti-Spyware tools. In case a product cannot be bypassed, the agent will be faced with one of the following scenarios:
-
The product displays pop-ups warning about suspicious activities and/or programs which can be accepted or rejected by the agent
Due to regular updates of these products, their behavior cannot exactly be specified. Regular tests are conducted within the Gamma Quality Assurance where all FinFisher products are checked against the latest version of these security products and new techniques for bypassing them are being researched in case a new detection has been discovered.
Current Antivirus systems in our quality assurance environment:
-
Kaspersky Internet Security
| -
Comodo Internet Security Pro
| | | -
F-Secure Internet Security
| | | | -
ZoneAlarm Internet Security Suite
| -
BitDefender Internet Security
| -
Bullguard Internet Security
| -
CA Internet Security Suite Plus
| | | | | -
VIPREĀ® Antivirus + Antispyware
| | | | | | -
Outpost Security Suite Pro
| | | | -
Steganos Internet Security
| | -
VirusBuster Internet Security Suite
-
Quick Heal Total Security
| -
Windows Defender
-
K7 TotalSecurity
| | | | -
Avira Premium Security Suite
| | | 5Updates & Support
The software has a built-in update feature that pulls updates automatically from the Gamma Update server at configured time intervals. In case the system it not connected to the Internet, download locations are provided on request so the updates can be manually downloaded from other systems.
Every update is done through a secure encrypted link to ensure integrity of the transferred update files.
The amount of updates per year depends on the changes in the IT Intrusion field and the requirement of bug-fixes and new features. At least two major feature updates are provided per year per product.
Additional to the updates, all customers have access to an after-sales website that gives the customers the following capabilities:
-
Download product information (Latest user manuals, specifications, training slides)
-
Access change-log and roadmap for products
-
Report bugs and submit feature requests
-
Inspect frequently asked questions (FAQ)
Furthermore support is provided via telephone and E-Mail.
Share with your friends: |