It identifies the presence of multiple spyware families

Nov 20, 2014 15:54 GMT

Built to help journalists, activists, and human rights defenders around the world, Detekt is aimed at finding traces of spying malware known to be used by governmental organizations for monitoring the activity of subjects of interest.

The open source tool is developed by security researcher Claudio Guarnieri and published in partnership with Amnesty International, Digitale Gesellschaft, Electronic Frontier Foundation and Privacy International.

Some companies develop legal spyware

Spyware programs employed by governments are nothing new in the security industry, and there are companies that produce them legitimately.

FinSpy, maintained by German developer FinFisher, is one of the most publicized examples. It has been used to monitor the communications of human rights lawyers and democracy protesters in Bahrain. Services from the company could cost the buyer millions of dollars.

Another company developing such a product is the Italian Hacking Team, which offers Remote Control System (RCS), a spying tool that can be adapted to any platform, to different government entities.

Both companies stated in previous communications that their products could not be purchased by just any nation and that they conducted careful screening of their clients before establishing a business relationship.

“Governments are increasingly using dangerous and sophisticated technology that allows them to read activists and journalists’ private emails and remotely turn on their computer’s camera or microphone to secretly record their activities. They use the technology in a cowardly attempt to prevent abuses from being exposed,” says Marek Marczynski, head of Military, Security and Police at Amnesty International.

He adds that Detekt is the response to governments relying on information obtained through illegal surveillance to “detain, illegally arrest and even torture human rights defenders and journalists.”

The program identifies common spyware

The tool is not 100% effective against all government-grade surveillance software, but it can indicate the presence of commonly known spyware on the machine.

Apart from the aforementioned legal spyware, Detekt can identify other remote access Trojans (RAT), too, such as DarkComet RAT, XtremeRAT, BlackShades RAT, njRAT, ShadowTech RAT, and Gh0st RAT.

A few hours ago, the program was updated to version 1.1, which eliminates some false positives and problems related to localization.

There is no need to install it; simply execute the program with administrator privileges and wait for the scan to complete. The operation does not take long, but the network connection needs to be cut off for its entire duration.

If malware is found, the computer should not be connected to the Internet or other devices before it has been properly cleaned by experts; Detekt does not include removal capabilities.

[UPDATE, November 21]: Detekt's development seems to be highly active, as the application has moved to new versions since this article was published. We have updated the download link so that it points to the release page. You can also get Detekt from Softpedia.
