Skip to Content
Computing

The spyware used by Arab dictators has now shown up in Myanmar

Myanmar at dusk.
Myanmar at dusk.
Myanmar at dusk.Photo: Tim Proffitt-White (CC BY-NC-ND 2.0)

A powerful German spyware company had its hacking tools spotted in Myanmar.

The news: One of the oldest private hacking companies around found itself in the spotlight again this week. Gamma Group, a German company that sells spyware to the highest bidder, was discovered within the last year to be spying on dozens of mobile devices in different parts of the world by the Russian cybersecurity company Kaspersky. Last month, Kaspersky found Gamma Group’s FinSpy malware in Myanmar. The hacking tool known as FinSpy, if successful, steals everything from text messages to emails, photos, and GPS data. It also targets secure and encrypted messengers like Signal, WhatsApp, and Telegram. Those apps, often used for their exceptional security against hackers at a distance, offer little protection against malware that’s successfully executed on a target’s phone.

The background: Today, there is a global multibillion-dollar hacking industry. Gamma Group came to prominence when it was discovered selling spyware to Middle East dictatorships during the Arab Spring

The target: It’s not clear yet who was the aggressor and who was the target, but these tools are increasingly used by authoritarian governments to suppress dissidents and political opponents. Myanmar has endured a series of uniquely 21st-century catastrophes, most notably an ethnic genocide fueled by social media. Silicon Valley, Facebook in particular, was slow and ineffective in its response even as people died as a result of misinformation and hate speech on the platform. Last month, the government shut down the internet during a time of heavy fighting and humanitarian crises. 

The future: Gamma Group is one company among many that governments around the world are paying for high-tech hacking capabilities. Although countries like the US and China can afford to develop world-leading exploits and vulnerabilities, dozens more countries—from democracies to dictatorships—are turning to the booming private sector for their hacking abilities. The results can be seen in Saudi Arabia, which reportedly has hacked journalists; the United Arab Emirates, which hacked dissidents; and Mexico, which hacked lawyers and even politicians, among others. Gamma Group’s resurfacing in Myanmar is the latest sign of the industry’s global reach.

Deep Dive

Computing

Russia is risking the creation of a “splinternet”—and it could be irreversible

If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.

Conceptual illustration of quantum computing circuity, in multiple colors
Conceptual illustration of quantum computing circuity, in multiple colors

Quantum computing has a hype problem

Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

winning team for Pwn2own 2022
winning team for Pwn2own 2022

These hackers showed just how easy it is to target critical infrastructure

Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.

white house regulates cyber concept
white house regulates cyber concept

Inside the plan to fix America’s never-ending cybersecurity failures

The specter of Russian hackers and an overreliance on voluntary cooperation from the private sector means officials are finally prepared to get tough.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.