The Detekt software was needed as standard anti-virus programs often missed spying software, it said. Amnesty said many governments used sophisticated spying tools that could grab images from webcams or listen via microphones to monitor people. It wants to see more regulation of the spying software used by governments.
“These spying tools are marketed on their ability to get round your bog-standard anti-virus,” said Tanya O’Carroll, an adviser on technology and human rights at Amnesty International.
The makers of spying software did extensive testing to ensure that the way they infected and lurked on a computer did not trigger security alerts, she added.
Free of charge
Detekt has been developed over the past two years to spot the few telltale signs spying programs do leave. The intense scan it carries out on a hard drive means a computer cannot be used while Detekt is running. Four separate rights groups – Amnesty International, the Electronic Frontier Foundation, Privacy International and Digitale Gesellschaft – have worked together to create the spyware spotter, which is available free of charge.
The group is now looking for help to keep Detekt up to date and expand the range of spying programs it can catch. The first version of Detekt has been written to run on Windows computers because the people most often being monitored use that software, said Ms O’Carroll.
Many repressive governments had been using spying software for some time and the programs were becoming increasingly popular with democratically elected governments too, said Ms Carroll. Spying software has been found on the computers of activists in Bahrain, Syria, Ethiopia, Vietnam, Germany, Tibet, North Korea and many other nations.
“It’s easier to name the countries that are not using these spying tools than those that are,” she said.
The trade in spyware used by governments is now a market worth about £3bn ($5bn) a year, said Ms O’Carroll, adding it was time for this trade to be better regulated. Prof Alan Woodward from the University of Surrey, who advises governments on security issues, wondered how easy it would be for Amnesty and its partners to maintain Detekt.
“It’s not really their core business,” he said. “Are they going to keep updating the software because the spyware variants change daily?”
He also questioned how useful it would be against regimes that used specially written software rather than commercial versions that were well known and documented.
“If a technique is known about widely, those regimes will assume it’s going to be ineffective and use another approach,” he said.
Claudio Guarnieri, the German security researcher who created Detekt, said there was a growing roster of firms producing spying software.
“People think the uses of spyware by governments are isolated cases. They are not,” Mr Guarnieri told the BBC. “Their discovery is isolated.
“Spyware is becoming the final solution for surveillance operations to overcome encryption.
“The real problem is nobody really asked the public whether that’s acceptable and some countries are legitimising their use without considering the consequences and inherent issues.”
‘Strength in numbers’
The software is spread in booby-trapped attachments on email messages, by seeding malware on compromised sites or with fake messaging software, said Mr Guarnieri.
Karl Zetterlund, a senior researcher at security firm Sentor, said the needs of law enforcement were understandably different to those of the average cyberthief.
“Criminals are mainly interested in information that can somehow generate money. Law enforcement spyware may only need to collect a few pieces of identifying information, such as a net address, from the computer,” he said.
“Generally, policeware may be better at hiding, as normal malware often aims for strength in numbers and spreading is more important than passing under the radar.”
There had also been cases in the past, he said, when computer security companies collaborated with governments to ignore spyware they found planted on machines.