Mozilla Sends Cease And Desist Letter To Commercial Spyware Company For Using Firefox Trademark And Code To Trick Users

from the betraying-trust dept

Techdirt has written several times about the increasing tendency for governments around the world to turn to malware as a way of spying on people, without really thinking through the risks. One company that is starting to crop up more and more in this context is Gamma International, thanks to its FinFisher suite of spyware products, which includes FinSpy. A recent report by Citizenlab, entitled “For Their Eyes Only: The Commercialization of Digital Spying“, has explored this field in some depth. Among its findings is the following:

We identify instances where FinSpy makes use of Mozilla’s Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest. This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists.

That’s pretty serious: Mozilla’s trademark is not only being abused, it’s being used to trick people into installing malware that might well have serious consequences for them if their government disapproves of their activities. Quite rightly, then, Mozilla is taking legal action, as the organization’s privacy and public policy lead, Alex Fowler, announced in a blog post:

A recent report by Citizen Lab uncovered that commercial spyware produced by Gamma International is designed to trick people into thinking it’s Mozilla Firefox. We’ve sent Gamma a cease and desist letter today demanding that these illegal practices stop immediately.

Choosing Mozilla as the cover for this malware is cynical in the extreme, for reasons Fowler explains:

As an open source project trusted by hundreds of millions of people around the world, defending Mozilla’s trademarks from this type of abuse is vital to our brand, our users and the continued success of our mission. Mozilla has a longstanding history of protecting users online and was named the Most Trusted Internet Company for Privacy in 2012 by the Ponemon Institute. We cannot abide a software company using our name to disguise online surveillance tools that can be — and in several cases actually have been — used by Gamma’s customers to violate citizens’ human rights and online privacy.

The only consolation regarding this move to create commercial spyware for sale to governments around the world is that it is possible to use conventional legal instruments like cease and desist letters against the companies behind them when they overstep the mark. Nonetheless, it’s a deeply disturbing development that even countries like Germany now seem happy to use FinFisher in order to spy on their citizens by means of malware (original in German.)

Follow me @glynmoody on Twitter or, and on Google+

Filed Under: , ,
Companies: gamma international, mozilla

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Mozilla Sends Cease And Desist Letter To Commercial Spyware Company For Using Firefox Trademark And Code To Trick Users”

Subscribe: RSS Leave a comment
Sheogorath (profile) says:

Re: Re: What could possibly go wrong?

Er, Wally, that was the whole point of AC’s use of the line highlighting the situation in Jurassic Park.
“The bad thing you imagine can’t possibly happen.”
“What if it does?”
“We’ve made sure it never will.”
“Oh, fuck. Someone made a big boo boo, and now the bad thing has happened.”

Carlos Sol?s a.k.a. ArkBlitz (in the rest of the I (profile) says:

Trademarks as marks of origin

Finally, a good example of the usage of trademarks as a mark of origin and trust. Even though I disagree with the other restrictions that Mozilla places on its trademark usage (e.g. not allowing free-software derivatives of Firefox to use its trademark, to the point that the IceWeasel and Icecat projects had to be created as a direct result), in this case they’re totally correct into claiming it as a case of deluding unaware users, tricking them into trusting a product masquerading as a privacy-protecting program.

Ignis (profile) says:

Re: Trademarks as marks of origin

I wish there were more examples of this. I believe trademarks have a better chance than copyrights and patents to be used wisely. Google could probably learn from Mozilla. I’ve cleaned some computers whose users apparently installed some shady software that changed their browsers’ default search engine to random sites. Some of those (can’t really remember the address) really look like carbon copies of Google sans the logo. I’ve been thinking, can’t Google bring a suit against those Google copycats (or they have, but I’m perfectly unaware)? After all, the people whose computers I fixed (who, you guessed it, aren’t very tech savvy and probably don’t pay much attention to URLs as opposed to just the web page) were perfectly tricked and didn’t realise it was -not- Google.

On another note, I’m certain this isn’t the first time this is being asked, but should companies like Gamma stay legitimate? Maybe a lot of companies need some sort of surveillance system for their offices, but doing so through deceitful means like this while also selling products clearly intended to help governments curb free speech?

Anonymous Coward says:

Re: Re: Trademarks as marks of origin

Isn’t the shady software in question the Ask Toolbar, which gets forced into your computer if you forget to (or, as often is the case, do not know you should) uncheck the “even though it is supposed to be just a security update, install more junk in my computer” checkbox in the weekly critical Java security bugfix?

If I recall correctly, it does look like Google. Not that it means much, the Google home page is pretty minimalist.

Ignis (profile) says:

Re: Re: Re: Trademarks as marks of origin

No, not Ask Toolbar. It was there on my clients’ computers (of course) along with other shady software, but it wasn’t what I had in mind.

I actually managed to remember one: MyPlayCity. I don’t know which software actually installed the nasties (the site offers free games, but it doesn’t look like the uninstalling the games instantly removes the crapware as well), but it also hijacked browsers’ homepage and default search engine.

I don’t know, maybe it doesn’t mean much in terms of legal grounds, but it does manage to confuse and trick people. Not that I wouldn’t blame them for being too gullible either, though…

Landpaddle (profile) says:

Incredibly aggravating

Mozilla is a great company. Period. They’ve done so much for the case of user rights and privacy, and I’m pissed off that some corporate slime feels the need to fork their best product and masquerade as legitimate Mozilla software.

Now Google, on the other hand, didn’t make too big a stink when the SWIron browser was placed on And that platform is KNOWN adware/scareware. Hopefully Mozilla doesn’t get beleaguered with illegitimate forks and end up apathetic like its primary competitor…

Anonymous Coward says:

Re: Incredibly aggravating

From what I read, it is not a fork.

“It?s important to note that the spyware does not affect Firefox itself, either during the installation process or when it is operating covertly on a person?s computer or mobile device. Gamma?s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion.”
“When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as ?Firefox.exe? and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to ?Firefox and Mozilla Developers.?”

special-interesting (profile) says:

Wonder how Germany would get this into service? A fake Mozilla web site or a man in the middle attack? Sound nefarious either way. Are they slipping back into the old SS ways of thinking (or did some out of control American agency give them some hints?) Would like some clean answers on that dirt. (and not just shoo shooing with some other political public distractions.)

Shams are everywhere and when a flim-flam (theft by deception) is being perpetrated its best to use the most trusted names in the world and Mozilla fits the evil need of the ones (Germany? And who else?) who want to deceive.

Wanna charge a person a fee to apply for a large famous company? Swipe the logos and name of IBM or ATT and see how much you can make before someone actually calls the home office. So in a way trademark law can make it easier for such deceptions to exist.

If a suggestion could be made; enforce the crime itself and don’t involve trademark law. Its a derivative abuse of copyright law and not any more pleasant. Just because it was easier for Mozilla to prosecute for a corporate trademark violation is only a symptom of how weak common criminal/civil law is compared to corporate trademark law.

Trademark law, like copyright law, at one time did perform a somewhat beneficial service to Public Domain Rights but its all long gone in a wash of special interest farm animal feeding upon misplaced public trust in Washington. Was it used well and maybe wisely in this case? Sure, very possibly.

But what if the corporation that owns the trademark itself is the perpetrator of abuse? Would they file for trademark based take-down DMCA notices to try and suppress public opinion? Maybe. Its happened before and with the current lax, corporate one sided, law it will again. Unless steep penalties are enacted against companies who abuse free speech it will also increase.

A somewhat good example was Sony’s use of a rootkit for spying on its very own paying customers. That was before layers learned to abuse the DMCA so it did not happen but it could have? Its sooooo easy to do. Might that same rootkit do some dirty work itself (or installing some new software that did) like monitoring any correspondence with the word Sony in it?

There are many problems with current trademark law. Much deals with the lack of oversight and its effects on society and its various cultures?

Trademark law was not supposed to interfere with culture or society. Many cultural figures are firmly based in culture like the Disney characters or Marvel heroes (now Disney controlled). These types of trademarks are subtractions from culture and should never have been allowed. Any such attempt at permanent theft from American culture should be punished.

How is Disney to profit if they loose their precious eternal copyright and trademark laws? Don’t know. Maybe they would have to start making new creative work. An end to the rehashing of old crap would be nice. No we do not need another remake of Witch Mountain or whatever? Maybe you like that?

What we need are new interpretations that build or tear down the old way of thinking.


Do we need spy programs that build on the great work of other companies? No. Spying is always wrong. Trust, at least, your own citizens. Do we need to invoke trademark law to prevent this? No. Spying is illegal? Making false claims is illegal. Deception for profit or harm is illegal. Etc.

Who knows anymore. But. At least it once was; In a land called The United States of America. (at least was for some time after the constitution was written) That great almost-dead myth we invoke at camp-side fire to shoo away ghost stories of how the copyright bogeymen (people) will come and take you away in the night. Which is real and fiction?


Its probably best not to use the built in search box and use some less common method like visiting a web page. Use two browsers. One for general browsing with all java and flash shut down and other safeguards like Privoxy and NoScript or whatever. Use the other less restricted browser for safe/known sites.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...