Protecting our brand from a global spyware provider

Alex Fowler

20

A recent report by Citizen Lab uncovered that commercial spyware produced by Gamma International is designed to trick people into thinking it’s Mozilla Firefox. We’ve sent Gamma a cease and desist letter today demanding that these illegal practices stop immediately.

As an open source project trusted by hundreds of millions of people around the world, defending Mozilla’s trademarks from this type of abuse is vital to our brand, our users and the continued success of our mission. Mozilla has a longstanding history of protecting users online and was named the Most Trusted Internet Company for Privacy in 2012 by the Ponemon Institute. We cannot abide a software company using our name to disguise online surveillance tools that can be – and in several cases actually have been – used by Gamma’s customers to violate citizens’ human rights and online privacy.

It’s important to note that the spyware does not affect Firefox itself, either during the installation process or when it is operating covertly on a person’s computer or mobile device. Gamma’s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion.

Through the work of the Citizen Lab research team, we believe Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content. This is accomplished in two ways:

  1. When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”
  2. For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.

The Citizen Lab research team has provided us with samples from the following three instances that demonstrate how this misuse of our brand, trademarks and public trust is a designed feature of Gamma’s spyware products and not unique to a single customer’s deployment:

  • A spyware attack in Bahrain aimed at pro-democracy activists;
  • The recent discovery of Gamma’s spyware apparently in use amidst Malaysia’s upcoming General Elections; and
  • A promotional demo produced by Gamma.

Each sample demonstrates the exact same pattern of falsely designating the installed spyware as originating from Mozilla. Gamma’s own brochures and promotional videos tout one of the essential features of its surveillance software is that it can be covertly deployed on the person’s system and remain undetected.

Unfortunately, Mozilla is no stranger to the misuse of our brand. We’ve fought against companies that use our trademarks to deceive users into downloading malware, providing personal information or paying for Firefox, sometimes in a highly organized and syndicated fashion. Not only are these activities illegal, but we take them seriously because they are deceptive, harm users, cause consumer confusion, and jeopardize Mozilla’s reputation.

We’re grateful for the important work of groups such as Citizen Lab, Privacy International, European Centre for Constitutional and Human Rights and Reporters without Borders, and encourage anyone interested in the growing prevalence and societal implications of online surveillance to support their efforts.

20 responses

  1. Pingback from UK Spying Software Used by More Countries to Monitor Dissidents, Activists and Journalists | Old Click on ::

    [...] a blog post on a situation, Alex Fowler, conduct of Mozilla’s remoteness and open process division, [...]

  2. Pingback from Mozilla's Firefox Hijacked by Spy Software to Monitor Dissidents, Activists and Journalists | Old Click on ::

    [...] a blog post on a situation, Alex Fowler, conduct of Mozilla’s remoteness and open process division, [...]

  3. Pingback from Firefox orders Gamma International to cease and desist | The Daily Widget on ::

    [...] help from Citizen Labs, Mozilla has determined that Gamma International’s spyware is misleading users to think they are installing [...]

  4. Pingback from Fake Firefox spreads spyware as makers Mozilla retort | Gizmo Envy on ::

    [...] [via Mozilla] [...]

  5. Pingback from Mozilla demanda a fabricante de spyware | mundoTEKNO on ::

    [...] Protecting our brand from a global spyware provider [...]

  6. Pingback from Mozilla demanda a fabricante de spyware on ::

    [...] Protecting our brand from a global spyware provider [...]

  7. Pingback from Fake Firefox spreads spyware as makers Mozilla retort on ::

    [...] [via Mozilla] [...]

  8. Pingback from 'Surveillance' Firm Spoofs Firefox for Spying on ::

    [...] [...]

  9. Pingback from Firefox orders Gamma International to cease and desist | Callib Carver on ::

    [...] help from Citizen Labs, Mozilla has determined that Gamma International’s spyware is misleading users to think they are installing [...]

  10. Pingback from Mozilla dénonce un spyware usurpant sa marque - Dépannage informatique on ::

    [...] son blog officiel, Mozilla rappelle avoir été nommée l’entité la plus digne de confiance en 2012 selon le classement de [...]

  11. Pingback from Mozilla demanda a fabricante de spyware ← Misiongeek on ::

    [...] Protecting our brand from a global spyware provider [...]

  12. Pingback from Mozilla demanda a fabricante de spyware | SoftwareFILL.com on ::

    [...] Protecting our brand from a global spyware provider [...]

  13. Pingback from Mozilla demanda a fabricante de spyware | DigitalRiverZONE.com on ::

    [...] Protecting our brand from a global spyware provider [...]

  14. Pingback from Protecting our brand from a global spyware provider | Hallow Demon on ::

    [...] As an open source project trusted by hundreds of millions of people around the world, defending Mozilla’s trademarks from this type of abuse is vital to our brand, our users and the continued success of our mission. Mozilla has a longstanding history of protecting users online and was named the Most Trusted Internet Company for Privacy in 2012 by the Ponemon Institute. We cannot abide a software company using our name to disguise online surveillance tools that can be – and in several cases actually have been – used by Gamma’s customers to violate citizens’ human rights and online privacy. …Read More [...]

  15. Pingback from Anonymous on ::

    [...] [...]

  16. Pingback from Newest Spyware Virus Masquerading as Firefox, Mozilla’s Angry Letter | The Tech Update on ::

    [...] yesterday, FinFisher’s spyware software could be active in 36 countries, if not more. Mozilla announced yesterday that they sent a stern cease and desist letter to Gamma International “demanding that these [...]

  17. Pingback from Mozilla demanda a fabricante de spyware | 1010Software.com on ::

    [...] Protecting our brand from a global spyware provider [...]

  18. Pingback from Un spyware se hace pasar por Firefox ante la indignación de Mozilla on ::

    [...] creadores del navegador del panda rojo han declarado, que además de que esta empresa está realizando una actividad ilegal, daña a los usuarios, [...]

  19. Pingback from Netizen Report: Azerbaijan, Brazil Consider New Legislation on Expression - Global Voices Advocacy on ::

    [...] Mozilla Foundation, creator of the Firefox browser, has issued a cease-and-desist letter to Gamma International Ltd., demanding that the British spyware company stop misleading Internet users by attaching fake Firefox information to its FinFisher surveillance software. A report by the Citizen Lab indicates that Gamma misrepresented FinFisher as being affiliated with Firefox in order to gain users’ trust in the face of recent spyware attacks in Malaysia and Bahrain. [...]

  20. Pingback from Netizen Report: Azerbaijan, Brazil Consider New Legislation on Expression - Global Voices Online - Online News Azerbaijan | Online News Azerbaijan on ::

    [...] Mozilla Foundation, creator of the Firefox browser, has issued a cease-and-desist letter to Gamma International Ltd., demanding that the British spyware company stop misleading Internet users by attaching fake Firefox information to its FinFisher surveillance software. A report by the Citizen Lab indicates that Gamma misrepresented FinFisher as being affiliated with Firefox in order to gain users’ trust in the face of recent spyware attacks in Malaysia and Bahrain. [...]