The server was rerouting FinFisher traffic back to Indonesia

Jan 29, 2016 18:55 GMT
Indonesian government agency stored a FinFisher proxy in an Australian data center

Australian authorities have announced that they've discovered an instance of the FinFisher spyware toolkit running on the servers of a Sydney-based data center.

FinFisher is a top-of-the-line spying toolkit sold by the FinFisher Gamma Group to governments around the world. This "legitimate" malware is capable of targeting both desktop and mobile operating systems, acting as a backdoor on all devices it infects.

In September 2014, WikiLeaks revealed documents obtained from Edward Snowden that included a list of governments that purchased the FinFisher toolkit.

Indonesian government hid a FinFisher proxy in Australia

According to ABC (Australian Broadcasting Corporation), Australian authorities discovered a suspicious server on the computer network of the Global Switch data centre in Ultimo, Sydney. This server was running a proxy for the FinFisher toolkit, and was actively redirecting traffic to an IP address assigned to the Indonesian government.

Indonesia was one of the countries included on the WikiLeaks list and later confirmed by the Citizen Lab research group in a study they carried out last year.

This particular server running in the Australian data center was discovered by Citizen Lab Senior Research Fellow Bill Marczak, who informed local authorities.

Mr. Marczak said that multiple Indonesian agencies deployed FinFisher in the past, and he couldn't identify which agency was responsible for managing the proxy he discovered. The most avid FinFisher user in Indonesia is the country's National Crypto Agency (Lembaga Sandi Negara).

Indonesia is a relatively new user of cyber-espionage tools

According to documents obtained by ABC, Indonesia has spied in the past on leaders of the West Papuan minority, which has sought independence from the Indonesian government.

Despite often engaging in cyber-espionage, the country became famous in the hacking community after various hacking crews from each country engaged in a semi-official cyber-war in 2013. Three Australians went to jail following these incidents.

This cyber-war started after WikiLeaks documents showed that the Australian government spied on its Indonesian counterpart. Since then, Jakarta officials have been bolstering their cyber-capabilities.