Detekt has been built to assist activists, journalists and human rights defenders worldwide by detecting spyware installed by governmental organizations in order to monitor certain subjects and their activities. Researcher Claudio Guarnieri is the mind behind the open source tool, which has been published in partnership with Digitale Gesellschaft, Privacy International, Electronic Frontier Foundation and Amnesty International.
Governments have been producing and/or employing spyware for a while. One of the most popular examples is FinSpy, developed by FinFisher. Monitoring the communication between democracy protestors in Bahrain and human rights lawyers is the main purpose of this tool.
Another example of a legitimate spyware product is the Italian RCS (Remote Control System), which can be adjusted to any platform.
Representatives of both companies have clearly stated that the products cannot be purchased by just any country. Before they establish any kind of business relations with a client, they go through a process of cautious screening.
Here’s what Amnesty International’s head of Military, Security and Police Marek Marczynski says:
“Governments are increasingly using dangerous and sophisticated technology that allows them to read activists and journalists’ private emails and remotely turn on their computer’s camera or microphone to secretly record their activities. They use the technology in a cowardly attempt to prevent abuses from being exposed.”
According to Marczynski, tools like Detekt are the adequate response to governments’ practice of using information acquired through illegal monitoring in order to arrest or detain journalists and human rights activists.
Detekt identifies Spyware
Although Detekt is not capable of detecting every governmental surveillance software, it can indicate if a known spyware program is active on the machine. Detekt can also identify Trojans like:
- Gh0st RAT
- BlackShades RAT
- DarkComet RAT
- ShadowTech RAT
Recently, the tool has been updated to version 1.1, eliminating some problems related to false positives and localization.
Detekt does not need to be installed. All the client has to do is execute the tool with admin privileges and wait until the scan is over. The whole process does not last long. What is important is that the machine has to be disconnected from the network throughout the scan. In case the tool detects malware, the machine should not be connected to the Internet. Clients should keep in mind that Detekt is not capable of removing the malicious software it finds.