One common thing #StateSponsoredMalware™ from #GammaGroup.com's #FinFisher #FinSpy #Finsky does is a downgrade attack on your encryption by using older protocols that are already compromised and also using port 80 over port 443 on web browsers at logins as well as replacing and utilizing different certificates with lower bits and easily broken ciphers so that you still have a green lock on your browser.

Libraries of overlay icons have also been found to overlay and replace icons on each OS, also mimicking icons that make you think you are using 'secure' settings, also for common programs for communications.

This software is commonly used for investigation purposes but it's been seen also primarily used as a financial crime tool in the Southeastern United States in Red States attacking Blue States since 2015 when its source code was hacked.

#infosec #SSM #GammaGroup #FinFisher #FinSpy #Finsky #CALEA #CALEAmalware #greymarket #financialcrimes #investigations #ForcedMDM #MITM
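A defender-side check for the downgrade indicators the post lists (login over port 80, older protocol, weak cipher, shorter certificate key, swapped certificate), as an added example that is not part of the original post. The thresholds, field names, fingerprints and sample records are assumptions constructed for illustration.

```python
import socket
import ssl
from urllib.parse import urlsplit

# Thresholds are assumptions for this example, not values from the post.
OLD_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
WEAK_CIPHER_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXPORT", "MD5")
MIN_KEY_BITS = {"RSA": 2048, "EC": 256}

def audit(obs):
    """Return downgrade indicators for one observed login connection."""
    findings = []
    url = urlsplit(obs["login_url"])
    if url.scheme != "https" or url.port == 80:
        findings.append("login-not-on-https")
    if obs.get("tls_version") in OLD_PROTOCOLS:
        findings.append("old-protocol")
    cipher = (obs.get("cipher") or "").upper()
    if any(marker in cipher for marker in WEAK_CIPHER_MARKERS):
        findings.append("weak-cipher")
    floor, bits = MIN_KEY_BITS.get(obs.get("key_type")), obs.get("key_bits")
    if floor and bits is not None and bits < floor:
        findings.append("short-certificate-key")
    # A lock icon only proves *a* certificate validated; compare to a known one.
    pinned = obs.get("pinned_sha256")
    if pinned and obs.get("cert_sha256") != pinned:
        findings.append("certificate-changed")
    return findings

def observe(host, login_url, port=443):
    """Collect the negotiated protocol and cipher from a live handshake."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return {"login_url": login_url, "tls_version": tls.version(),
                    "cipher": tls.cipher()[0]}

# Constructed sample observations (hypothetical host and fingerprints).
SAMPLES = [
    {"login_url": "https://mail.example.test/login", "tls_version": "TLSv1.3",
     "cipher": "TLS_AES_256_GCM_SHA384", "key_type": "RSA", "key_bits": 2048,
     "cert_sha256": "aa11", "pinned_sha256": "aa11"},
    {"login_url": "http://mail.example.test/login"},
    {"login_url": "https://mail.example.test/login", "tls_version": "TLSv1",
     "cipher": "DES-CBC3-SHA", "key_type": "RSA", "key_bits": 1024,
     "cert_sha256": "bb22", "pinned_sha256": "aa11"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["login_url"], audit(sample) or "ok")
```

`observe()` opens a real connection and only fills in the protocol and cipher fields; key size and fingerprint have to come from certificate inspection done separately.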