Here about when FinFisher went mobile: http://munkschool.utoronto.ca/canadacentre/research/the-smartphone-who-loved-me-finfisher-goes-mobile/
link article author: MORGAN MARQUIS-BOIRE
FinFisher was also detected being out here: -https://qhotels.gov.qa/
And whether the software was (illegally) exported out of the U.K. or was being re-engineered isn’t that important for the discussion here.
At least it seemed Mozilla has reopened the discussion about this spyware again,
polonus
Another list of IP addresses:
112.78.143.26 (Indonesia)
121.215.253.151 (Australia)
78.100.57.165 (Qatar)
213.55.99.74 (Ethiopia)
94.112.255.116 (Czech Republic)
213.168.28.91 (Estonia)
54.248.2.220 (USA)
202.179.31.227 (Mongolia)
80.95.253.44 (Czech Republic)
81.198.83.44 (Latvia)
86.97.255.50 (Dubai, UAE)
Interesting blocklist for these and other IPs: http://sokosensei.wordpress.com/2012/08/15/updated-list-of-ips-that-you-should-block/
Example see: http://www.threatexpert.com/report.aspx?md5=af77b9bba26100ea133c55385c50afe9
pol