Cybersecurity company Kaspersky has uncovered that FinSpy spyware, which it has been tracking since 2011, uses four layers of obfuscation to evade detection and employs a UEFI bootkit to infect victims. Kaspersky researchers presented a comprehensive investigation, which lasted for eight months, into all the recent updates introduced into FinSpy spyware for Windows, Mac OS, Linux, and its installers.

The findings suggest a high emphasis on defense evasion, making FinFisher one of the hardest-to-detect pieces of spyware to date. “The amount of work put into making FinFisher not accessible to security researchers is particularly worrying and somewhat impressive,” said Igor Kuznetsov, principal security researcher at Kaspersky’s Global Research and Analysis Team (GReAT). “It seems like the developers put at least as much work into obfuscation and anti-analysis measures as in the Trojan itself. As a result, its capabilities to evade any detection and analysis make this spyware particularly hard to track and detect.”