The NSW Police force has been named as a user of the FinFisher malware and spyware toolkit used by governments worldwide to capture user data, as part of a Wikileaks data release of the product today.
Wikileaks first published documents relating to the German spyware in late 2011. FinFisher is sold to law enforcement agencies across the world.
Until further leaks last year, little was known about the law enforcement malware. It is now publicly acknowledged that FinFisher is able to capture a wide range of user data by recording Skype chats, screen shots, and controlling computer microphones and web cameras.
The FinFisher collection of tools is made by British-German conglomerate Gamma Group International, and its use is considered controversial as oppressive regimes have deployed it against political dissidents and non-criminal targets.
FinFisher control nodes were last year revealed to be located in eleven countries including Australia, but no local law enforcement agencies have admitted to using the spyware.
The Australia Federal Police has previously knocked back a Freedom of Information request about its use of FinFisher.
Wikileaks today named the NSW Police force as a user of the spyware, with the leaked documents revealing that the state police agency first acquired licenses for FinFisher in late 2011.
Wikileaks published documents that revealed the force has held nine licenses for FinSpy, FinIntrusion, FinFly, FinSpy Mobile, and FinFireWire over the last three years, the last of which will expire on November 16 next year. Five licenses are currently active.
As further evidence, Wikileaks re-published the contents of eight support tickets lodged by NSW Police for the spyware.
The licenses are valued at A$2.6 million, according to Wikileaks.
NSW Police spokesperson John Thompson said it would not be appropriate to comment "given this technology relates to operational capabilility".
The activist group said it estimated FinFisher's entire global revenue to be worth around A$72 million.
Slovakia, Estonia and South Africa are the three largest named users of FInFisher in the Wikileaks documents, holding 39, 33 and 27 licenses respectively. The largest license holder on the list, which is unnamed, holds 44 licenses.
"FinFisher continues to operate brazenly from Germany, selling weaponised surveillance malware to some of the most abusive regimes in the world," Wikileaks leader Julian Assange said in a statement. "The Merkel government pretends to be concerned about privacy, but its actions speak otherwise.
"Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher, including by tracking down its command and control centres."
The spyware is reportedly able to break encryption and record traffic, steal online banking credentials, and infect computers via USB drives, drive-by browser exploits or via partnerships with internet providers.
The malware runs on all versions of Windows after Windows 2000, while the FinSpy mobile version works on iOS, Android, Windows Phone and BlackBerry operating systems. On mobile operating systems, the malware is also able to track location and record calls.
FinFisher owner Gamma International last month reportedly suffered a data breach after an anonymous hacker claimed to have compromised the company's network.
The hacker posted links to a torrent file online containing confidential documents such as client records, price lists, source code, support manuals and other product details.