NEW documents reveal that expensive British spy software – marketed as a means of tracking “paedophiles and terrorists” – has been used by the Bahraini Ministry of the Interior to hack the phones and computers of activists and lawyers.
The software, sold by Gamma Group, a company based out of serviced offices in Winchester, works by sending malware called FinSpy to “target” computers and phones (see Eyes 1368 and 1351). This allows content to be harvested and turns the computer or phone into a mobile spying device by secretly activating the microphone and webcam and intercepting Skype calls.
Gamma Group, which had not applied for an export licence from the UK authorities, denied last year that its product was being used in Bahrain. A spokesman told the Observer: "It appears that during a demonstration one of our products was stolen and has been used elsewhere. I believe a copy of FinSpy was made during a presentation and that copy was modified and then used elsewhere.”
However, new documents obtained from the Gamma Group customer support server include logs sent to Gamma, showing a list of Bahraini targets and whether or not all their files had been “archived” – in other words, pinched. Gamma says it only sells to government agencies.
Mohammed Al-Tajer, Bahrain’s leading human rights lawyer, has been on the wrong end of Gamma-inspired snooping. Having once defended a group of Shia Muslims accused of throwing a petrol bomb at a police car, and having also published evidence of the torture of detainees, shortly before Bahrain’s Arab Spring uprising, in January 2011, he received a recording of himself having sex with his second wife, accompanied by a message telling him to watch his step. The new documents show that, on the same day in January, Gamma spyware was successfully installed on Al-Tajer’s computer, archiving all his files, in contravention of legal privilege and most likely turning his computer into a mobile spying device.
In April 2011, Al-Tajer was then arrested and held by the Bahraini Ministry of the Interior for four months. Every morning he was made to stand against a wall and was beaten until he fainted. A subsequent report into the security services, commissioned by Bahrain’s King Hamad Al-Khalifa and carried out by human rights lawyers and others, found evidence of widespread torture, including “beating; punching; hitting the detainee with rubber hoses (including on the soles of the feet), cables, whips, metal, wooden planks or other objects; electrocution; sleep-deprivation; exposure to extreme temperatures; verbal abuse; threats of rape; and insulting the detainee’s religious sect (Shia).” It also found evidence of deaths at the hands of the security forces.
Yates of the Yard
In late 2011, Bahrain thought it had better do something to reform its police forces, bringing in a hired hand from overseas to ensure the force met international codes of practice. It wasn’t long before this new adviser was hailing the “substantial progress” being made, detailing a “new police code of conduct” and “comprehensive programme of training in human rights”, adding: "I am bewildered by the level of criticism aimed at a nation that has acknowledged its mistakes, but has plans in place to put things right.”
This state of bewilderment was presumably nothing new to the adviser, John “Yates of the Yard” Yates (for it was he), who as Met Police assistant commissioner in London had overseen the Met’s brilliant early phone-hacking investigation and had personally declared that there were only a “handful of victims”. He later resigned when the number approached 4,000.
Even after Yates had begun his reforms in Bahrain, Al-Tajer continued to receive text message threats from anonymous telephone numbers; and in June 2012 the sex recording was finally published on YouTube, as was footage of Al-Tajer eating and praying.
Yates told the Eye he had never heard of Mohammed Al-Tajer (he was only the leading lawyer defending police cases, after all), nor of Gamma Group, and that he had had no operational involvement in police matters, acting solely as a “strategic adviser”.
PS: THE hacker who posted internal Gamma documents on the internet showing how its FinSpy, aka FinFisher, software had been sold to the oppressive regime and used to spy on the Bahrain Independent Commission of Investigation (BICI), which was investigating torture and killings in the country, also revealed that the kit wasn’t quite as effective as Gamma likes to claim.
“After infecting a target’s [computer] the targets [sic] works for few days only then he never comes online and we have to infect him again,” the Bahrainis complained. “We can’t stay bugging and infecting the target every time since it is very sensitive. And we don’t want the target to reach [sic] to know that someone is infecting his PC or spying on him.”