Support Requests
SummaryProductDescriptionAttachment
Powerpoint IntegerationFinSpyThe trojan can not be integrated with powerpoint. The resulted exe file is again detected by Antiviruses... Plz look in to that and let us know asap. I have informed you this earlier on online communication too but no response.
The trojan is detected by Norton and Bit DefenderFinSpyWe came to know that the progress on by-passing Avira antivirus is going good and a new version will be released soon with the patch... as communicated earlier on skype etc that Norton and BitDefender also detects the trojan, we request to look in to this matter as well so that when you release the new version we get the support for these two anti-viruses too....
will be thankful...
Detected by Avira AntivirusFinSpyThe infection is detectable by the Avira Antivirus on target machine. This happened in a scenario when the infection was created with features MASTER BOOT RECORD INFECTION and ACTIVE HIDING ON TARGET both disabled. The message from Avira specifies presence of a TR/DROPPER.GEN trojan in the infection.
This also happens when we are creating target. We have to disable antivirus installed on Agent to generate the infection.
Customized Metadata selection of a trojan+Icon ChangerFinSpyOnce we create a trojan, the metadata in the properties of the file show random association with another software. Currently, firefox, adobe etc are being used.
It is suggested that there should be option for us i.e. user to control the metadata properties of our choice.
An option of ICON CHANGER for .exe may also be added as a new feature which should not be much difficult but very helpful.
The target limit is reduced to only 20FinSpyAs per the contract we have an allowance of 35 tagets in total on FinSpy. But for the last 2/3 weeks, we are limited to only 20 targets. Please see in to the issue so that we can do our operations in full.
Thank you.
problemsFinSpythis is khalid from paksitan as per telphonic conversation with martin you have to get live access of our server for debugging i tried to contact with mr holger he doesnt come online for last three days and contact on ur no but no response from ur germany number plz do necessary action to rectify we are in great trouble
The agent crashes when a target is openedFinSpyWhen the agent is logged on it gives an error message ERROR READING CONFIGURATION FILE. The screenshot is attached alongwith.
After that when we click on an online target, the agent crashes down with no error message. The agent is not working completely. Please update us as soon as possible.
B1EA1F1E.png
Offline download managment and Incremental downloadsFinSpyWe are happy that the feature of offline target configuration has been added already. It is working successfully at our side. Earlier we have requested another feature which is described below.
We would be pleased if Gamma can add a feature in which the agent be able to select files to download even when the target is offline and whenever the target comes online, those selected files may be downloaded without the interaction required from user.
Also presently, the downloading of files discontinues if there is a network disconnect error or any other error. That file has to be downloaded again from scratch. This is a real annoyance. We want that when the connection is lost between target and agent, the file download pauses automatically wherever it was and whenever the target comes online again, the download starts from the point where it paused. In this way a lot of effort and time can be saved. It is also useful for the files which are slightly bigger than usual. I call this feature incremental download. I hope Im correct in that.
Thank you
The drives of the infected target would not openFinSpyAfter the targets have been infected, there have been some targets whose one or all of the drives remained locked with an error message :UNABLE TO OPEN THE DRIVE: However, after considerbale RnD on this bug, we have found out that the drives were not locked by any locking software like BitLocker etc. Please look in to the issue and resolve it asap so that the infected targets may be exploited at the best.
Thank you.
The infection rate is practically zero percentFinSpySince the release of the new version i.e. 4.1 the trojan is unable to infect any target. There is absolutely no response from any of the targets we attacked. Plz look in to this matter as it is very serious one.
The FinSpy Server StartUp ErrorFinSpyWhen the Server starts up, and when the line :STARTING MTA exim4: appears, the server sends a message which is as follows:-
ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken failed!
Please tell us why this message appears now when earlier it was not there and what impact it can have on the server?
Thank you
,it would be fun tough 
not to mention he wont if he can attack stocks and swiss
,dont know what hv they hacked,bt does our govt ever supports our poor hackers,like china does 
