StrongPity2 spyware replaces FinFisher in MitM campaign – ISP involved?
WHITE StrongPity AlienVault 2017-12-08 Modified: 2019-07-12
19 IOCs
MEDIUM VOLUME
Continuing our research into FinFisher – the infamous spyware known also as FinSpy and sold to governments and their agencies worldwide – we noticed that the FinFisher malware in our previously-documented campaign, which had strong indicators of internet service provider (ISP) involvement, had been replaced by different spyware. Detected by ESET as Win32/StrongPity2, this spyware notably resembles one that was attributed to the group called StrongPity. As well as detecting and blocking this threat, all ESET products – including the free ESET Online scanner – thoroughly clean systems compromised by StrongPity2.
Indicators of Compromise (1 / 19 total)
TYPE | INDICATOR | DESCRIPTION | CREATED
FileHash-SHA256 462e85023952d23b74d697911653604b40497424e7a6fe505366addae6c375f7 2017-12-08