“Weaponised German surveillance malware” purchased by S’pore company: Wikileaks


In a Wikileaks media release on 15 September, a Singapore company is named as one of several which have allegedly purchased “weaponised German surveillance malware” for use.

The products are apparently provided by FinFisher, which Wikileaks described as a “company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices.”

Wikileaks, which is led by Julian Assange, says the malware is “used by intelligence agencies around the world to spy on journalists, political dissidents and others.”

Mr Assange, WikiLeaks Editor in Chief, said:

"FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers."

FinFisher is also a subsidiary of the Gamma group which, it says, “provides advanced technical surveillance and monitoring solutions and international consultancy to National and State Intelligence Departments and Law Enforcement Agencies.”

According to Reporters Without Borders (RWB), “Gamma has offices and subsidiaries in the United Kingdom, including the Channel Islands, and Germany, but also in Southeast Asia and the Middle East.”

RWB says “Gamma International sells interception equipment to government and law enforcement agencies exclusively.”

“Its FinFisher Suite (which includes Trojans to infect PCs, mobile phones, other consumer electronics and servers, as well as technical consulting) is regarded as one of the most advanced in today's market,” RWB says.

It gave examples of how governments use FinFisher spyware products to monitor activities.

“A computer or smartphone is remotely infected by a Trojan, which is then controlled by government agencies through command and control servers. A computer can be infected via false update notifications of software, malicious emails or through physical access to a machine. Finfisher also offers technology to infect an entire Internet cafe in order to survey all possible users. When installed, it is almost impossible to safely remove the Trojan. Also, there are no safe ways to circumvent Finfisher on an infected machine.”

According to other online sources:

“FinFisher malware is installed in various ways, including fake software updates, emails with fake attachments, and security flaws in popular software. Sometimes the surveillance suite is installed after the target accepts installation of a fake update to commonly used software. Code which will install the malware has also been detected in emails. The software, which is designed to evade detection by antivirus software, has versions which work on mobile phones of all major brands.”

The Singapore company which is said to have purchased the products is apparently PCS Security Pte Ltd, which was incorporated in 1998, and headed by five Singaporeans.

On its website, PCS says it prides itself “in delivering value-added systems with our domain expertise and experience in Homeland Security and Infocomm Security.”

“We have the expertise and capability to deliver cutting-edge technology solutions for our Customers in the Government, trade and the commercial sector,” it said.

Some of the software licences which PCS Security Pte Ltd has apparently purchased include FinSpy, FinIntrusion, and FinUSB Suite.

According to official records, PCS Security Pte Ltd itself is fully owned by another outfit – the Phoenix Co-operative Society.

However, not much is known about the co-operative except that it has an office at the Trade Hub in Boon Lay Way, and owns all the shares of PCS Security Pte Ltd.

In 2010, Phoenix Co-operative Society was one of two co-operatives which were given an exemption under the Co-operative Societies Act. The other was the Singapore Police Co-operative Society Limited.

It is unclear what exactly the exemption for Phoenix Co-operative Society was for.

According to Wikileaks, PCS Security Pte Ltd apparently spent some 3,166,560 euros (around 5.1 million Singapore dollars) in 2012 on the licences for the malware products.

Based on the licenses which were purchased by PCS Security Pte Ltd, up to 500 target computers can be monitored using the spying system, recording the online activities of the user as well as logging all usernames and passwords. Installation of the spying system can be easy as just plugging a USB stick into the computer with little or no technical knowledge.

Perhaps a more sinister product purchased is the FinIntrusion which allows agents using the software to record all accounts logged in to public wi-fi access networks such as in hotel lobbies, libraries, etc.

In recent months, the Singapore government has been reinforcing its cyber security capabilities.

In August, the Singapore government announced the setting up of a Cyber Watch Centre which it said will give the government “wider detection capabilities”.

"This upgrade will allow us to better monitor government websites and inspect if there are malicious activities, which could affect access to online public services," Communications and Information Minister, Yaacob Ibrahim, said then.

yaccob ibrahim

At the same time, the government also said it was creating “a Monitoring and Operations Control Centre to help the Government guard against, and respond swiftly, to security threats.” (CNA)

Dr Yaacob was reported as saying that the centre “will provide the government with a full suite of capabilities to guard against security threats and respond to them in a timely manner.”

It is unclear if the products purchased by PCS Security Pte Ltd are legal, or are for use for its work with the Singapore government; and what exactly is it that the Phoenix Co-operative Society does.

The Online Citizen has written to the police for clarification on the legality of the reported purchases by PCS Security Pte Ltd.

  • sharkAttack777

    Naughty PAP garmen!!

    • GUSSIE91

      who has told the world that Singapore is the most transparent country……………?

  • Joanna Chia

    Are they watching genuine potential terrorist threats or citizens who do agree with them and try and collect data to fix them in future. Both may be the answer. Half full half empty. This is their style. But I would rather believe half empty.

    • PikuChoo

      Citizens who do not agree with them you mean. Our very “intelligent” govt thinks that they can claim innocence by having this supposedly private company do their “dirty” work for them.

      Unfortunately, as can be seen by the conduct of some of the employees of  N S A who abused their access to such software to spy on their girlfriends etc.., such a “hands off” relationship will result in lax regulatory oversight/supervision and even more such abuse of “authority”.

  • Eugenetan

    Joanne says, this is their style. Pray tell, what evidence has she got for this statement? It is this type of easy lazy rubbish that passes for fact that pervades the web and tarnishes it and the writer.

    • PikuChoo

      And WHAT evidence do you have to the contrary? If not for Wikileaks, we would not even know about this. WHAT do you suppose is that “private” company doing with such software and WHY is the our POLICE so reticent about doing its DUTY in this case?

      Note that the police did NOT deny the facts of the Wikileaks leak. Is this a case of “something” the police cannot “touch”? And I thought Law Minister Mr Shanmugam said emphatically that “NOBODY IS ABOVE THE LAW“.

    • Samson

      People are allowed to have an opinion based on their encounters, and share it with others. If you take it as fact or passes it for fact, then it is your problem. It is up to people or others to agree or believe based on their shared encounters. Otherwise no one is allowed to share anything without a recorded statement, video or photo even if they get shit. This has never been good for an educated society to get better.

  • jessie

    There must be a clear, distinctive line that the govt. must draw to use the equipment for the
    interest of National Security and not to spy on its citizens . Perhaps a Law should be legislated
    to safeguard the interest of both sides .

  • John Chan

    Front company for ISD?

    • PikuChoo

      If so, the question is WHY is a “front company” needed to do ANYTHING for the well being of Singaporeans? Since WHEN has our govt been so shy to claim credit for doing “good” things for the people?

      There are so many levels of wrong in this. Note that I’m not saying that it is WRONG to collect intelligence, but there is a RIGHT way of doing it. Whoever came up with this “brilliant” plan to set up this company and those who APPROVED ir are all eligible for impeachment.

      • John Chan

        That depends on wheather ISD moniters opposition parties using the software…

        This could be Singapore version of watergate… malwaregate

  • IsDamnShaddy

    Pay lots of money to buy these and that but cannot pay back Singaporeans our CPF. Can we still trust them?

  • Mari Kita

    so efficient! how come we are not arrested yet?