Mozilla Sends Cease And Desist Letter To Commercial Spyware Company For Using Firefox Trademark And Code To Trick Users

from the betraying-trust dept

Techdirt has written several times about the increasing tendency for governments around the world to turn to malware as a way of spying on people, without really thinking through the risks. One company that is starting to crop up more and more in this context is Gamma International, thanks to its FinFisher suite of spyware products, which includes FinSpy. A recent report by Citizenlab, entitled "For Their Eyes Only: The Commercialization of Digital Spying", has explored this field in some depth. Among its findings is the following:

We identify instances where FinSpy makes use of Mozilla's Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest. This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists.
That's pretty serious: Mozilla's trademark is not only being abused, it's being used to trick people into installing malware that might well have serious consequences for them if their government disapproves of their activities. Quite rightly, then, Mozilla is taking legal action, as the organization's privacy and public policy lead, Alex Fowler, announced in a blog post:
A recent report by Citizen Lab uncovered that commercial spyware produced by Gamma International is designed to trick people into thinking it's Mozilla Firefox. We've sent Gamma a cease and desist letter today demanding that these illegal practices stop immediately.
Choosing Mozilla as the cover for this malware is cynical in the extreme, for reasons Fowler explains:
As an open source project trusted by hundreds of millions of people around the world, defending Mozilla's trademarks from this type of abuse is vital to our brand, our users and the continued success of our mission. Mozilla has a longstanding history of protecting users online and was named the Most Trusted Internet Company for Privacy in 2012 by the Ponemon Institute. We cannot abide a software company using our name to disguise online surveillance tools that can be -- and in several cases actually have been -- used by Gamma's customers to violate citizens' human rights and online privacy.
The only consolation regarding this move to create commercial spyware for sale to governments around the world is that it is possible to use conventional legal instruments like cease and desist letters against the companies behind them when they overstep the mark. Nonetheless, it's a deeply disturbing development that even countries like Germany now seem happy to use FinFisher in order to spy on their citizens by means of malware (original in German.)

Follow me @glynmoody on Twitter or, and on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: finfisher, finspy, spyware
Companies: gamma international, mozilla

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Anonymous Coward, 3 May 2013 @ 6:52pm

    What could possibly go wrong?

    The malware can't escape into the wild.

    The dinosaurs can't reproduce.

    The lock can't be picked.

    The Maginot Line can't be breached.


    reply to this | link to this | view in chronology ]

    • icon
      Wally (profile), 3 May 2013 @ 7:05pm

      Re: What could possibly go wrong?

      "The dinosaurs can't reproduce."

      Oh yes they can...they were stupid and used gene sequencing caps from the West African bull frog...which is known to spontaneously change genders in a single gender environment.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 3 May 2013 @ 7:24pm

    inb4 the trolls call Techdirt hypocritical for being on the trademark holder's side...

    reply to this | link to this | view in chronology ]

  • Trademarks as marks of origin

    Finally, a good example of the usage of trademarks as a mark of origin and trust. Even though I disagree with the other restrictions that Mozilla places on its trademark usage (e.g. not allowing free-software derivatives of Firefox to use its trademark, to the point that the IceWeasel and Icecat projects had to be created as a direct result), in this case they're totally correct into claiming it as a case of deluding unaware users, tricking them into trusting a product masquerading as a privacy-protecting program.

    reply to this | link to this | view in chronology ]

    • icon
      Ignis (profile), 4 May 2013 @ 5:18am

      Re: Trademarks as marks of origin

      I wish there were more examples of this. I believe trademarks have a better chance than copyrights and patents to be used wisely. Google could probably learn from Mozilla. I've cleaned some computers whose users apparently installed some shady software that changed their browsers' default search engine to random sites. Some of those (can't really remember the address) really look like carbon copies of Google sans the logo. I've been thinking, can't Google bring a suit against those Google copycats (or they have, but I'm perfectly unaware)? After all, the people whose computers I fixed (who, you guessed it, aren't very tech savvy and probably don't pay much attention to URLs as opposed to just the web page) were perfectly tricked and didn't realise it was -not- Google.

      On another note, I'm certain this isn't the first time this is being asked, but should companies like Gamma stay legitimate? Maybe a lot of companies need some sort of surveillance system for their offices, but doing so through deceitful means like this while also selling products clearly intended to help governments curb free speech?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 4 May 2013 @ 6:14am

        Re: Re: Trademarks as marks of origin

        Isn't the shady software in question the Ask Toolbar, which gets forced into your computer if you forget to (or, as often is the case, do not know you should) uncheck the "even though it is supposed to be just a security update, install more junk in my computer" checkbox in the weekly critical Java security bugfix?

        If I recall correctly, it does look like Google. Not that it means much, the Google home page is pretty minimalist.

        reply to this | link to this | view in chronology ]

        • icon
          Ignis (profile), 4 May 2013 @ 7:19am

          Re: Re: Re: Trademarks as marks of origin

          No, not Ask Toolbar. It was there on my clients' computers (of course) along with other shady software, but it wasn't what I had in mind.

          I actually managed to remember one: MyPlayCity. I don't know which software actually installed the nasties (the site offers free games, but it doesn't look like the uninstalling the games instantly removes the crapware as well), but it also hijacked browsers' homepage and default search engine.

          I don't know, maybe it doesn't mean much in terms of legal grounds, but it does manage to confuse and trick people. Not that I wouldn't blame them for being too gullible either, though...

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 May 2013 @ 12:40am

    Pretty egregious. It's hard to envision a scenario in which Mozilla wouldn't prevail on the merits.

    reply to this | link to this | view in chronology ]

  • icon
    Landpaddle (profile), 4 May 2013 @ 3:01am

    Incredibly aggravating

    Mozilla is a great company. Period. They've done so much for the case of user rights and privacy, and I'm pissed off that some corporate slime feels the need to fork their best product and masquerade as legitimate Mozilla software.

    Now Google, on the other hand, didn't make too big a stink when the SWIron browser was placed on And that platform is KNOWN adware/scareware. Hopefully Mozilla doesn't get beleaguered with illegitimate forks and end up apathetic like its primary competitor...

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 4 May 2013 @ 6:50am

      Re: Incredibly aggravating

      From what I read, it is not a fork.

      "It’s important to note that the spyware does not affect Firefox itself, either during the installation process or when it is operating covertly on a person’s computer or mobile device. Gamma’s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion."
      "When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”"

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 May 2013 @ 3:22am

    Sad that using ip law to benefit the publix as it was intended to is so rare nowadays

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 May 2013 @ 5:15am


    Hello, SPAM

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    horse with no name, 4 May 2013 @ 5:23am


    Damn them for stopping free exchange of software, blocking distribution of free software from these guys. Mozilla should be ashamed of taking money out of the internet economy. Bot herders need to make a living too!


    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 4 May 2013 @ 6:56am

      Re: Trademark

      Your doin it wrong

      Those damn pirates are finally getting what they give!!!11111
      ahhhh oh yeah, and
      How does it feel you filthy pirate, IP laws are only for when you need them huh????

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 May 2013 @ 7:52am

    And here we have a good example of trademark being applied correctly, to protect consumers from abusive forces.

    This is the only real reason I put up with it, that is the only reason trademark still has any semblance of legitimacy, different from patents and copyrights that have gone down the crazy line.

    reply to this | link to this | view in chronology ]

  • icon
    special-interesting (profile), 4 May 2013 @ 7:37pm

    Wonder how Germany would get this into service? A fake Mozilla web site or a man in the middle attack? Sound nefarious either way. Are they slipping back into the old SS ways of thinking (or did some out of control American agency give them some hints?) Would like some clean answers on that dirt. (and not just shoo shooing with some other political public distractions.)

    Shams are everywhere and when a flim-flam (theft by deception) is being perpetrated its best to use the most trusted names in the world and Mozilla fits the evil need of the ones (Germany? And who else?) who want to deceive.

    Wanna charge a person a fee to apply for a large famous company? Swipe the logos and name of IBM or ATT and see how much you can make before someone actually calls the home office. So in a way trademark law can make it easier for such deceptions to exist.

    If a suggestion could be made; enforce the crime itself and don't involve trademark law. Its a derivative abuse of copyright law and not any more pleasant. Just because it was easier for Mozilla to prosecute for a corporate trademark violation is only a symptom of how weak common criminal/civil law is compared to corporate trademark law.

    Trademark law, like copyright law, at one time did perform a somewhat beneficial service to Public Domain Rights but its all long gone in a wash of special interest farm animal feeding upon misplaced public trust in Washington. Was it used well and maybe wisely in this case? Sure, very possibly.

    But what if the corporation that owns the trademark itself is the perpetrator of abuse? Would they file for trademark based take-down DMCA notices to try and suppress public opinion? Maybe. Its happened before and with the current lax, corporate one sided, law it will again. Unless steep penalties are enacted against companies who abuse free speech it will also increase.

    A somewhat good example was Sony's use of a rootkit for spying on its very own paying customers. That was before layers learned to abuse the DMCA so it did not happen but it could have? Its sooooo easy to do. Might that same rootkit do some dirty work itself (or installing some new software that did) like monitoring any correspondence with the word Sony in it?

    There are many problems with current trademark law. Much deals with the lack of oversight and its effects on society and its various cultures?

    Trademark law was not supposed to interfere with culture or society. Many cultural figures are firmly based in culture like the Disney characters or Marvel heroes (now Disney controlled). These types of trademarks are subtractions from culture and should never have been allowed. Any such attempt at permanent theft from American culture should be punished.

    How is Disney to profit if they loose their precious eternal copyright and trademark laws? Don't know. Maybe they would have to start making new creative work. An end to the rehashing of old crap would be nice. No we do not need another remake of Witch Mountain or whatever? Maybe you like that?

    What we need are new interpretations that build or tear down the old way of thinking.


    Do we need spy programs that build on the great work of other companies? No. Spying is always wrong. Trust, at least, your own citizens. Do we need to invoke trademark law to prevent this? No. Spying is illegal? Making false claims is illegal. Deception for profit or harm is illegal. Etc.

    Who knows anymore. But. At least it once was; In a land called The United States of America. (at least was for some time after the constitution was written) That great almost-dead myth we invoke at camp-side fire to shoo away ghost stories of how the copyright bogeymen (people) will come and take you away in the night. Which is real and fiction?


    Its probably best not to use the built in search box and use some less common method like visiting a web page. Use two browsers. One for general browsing with all java and flash shut down and other safeguards like Privoxy and NoScript or whatever. Use the other less restricted browser for safe/known sites.

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)


Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.