dgharmon writes: In any case, both programs aren't classic computer viruses. They require users to go above and beyond the call of stupidity to catch them.
With both, you typically need to open a suspicious looking email, then follow a link, and then agree, in Android's case, to download the unknown Android application package (APK). After that, you have to tell your smartphone or tablet to install it even though it's not in Google's Play Store, ignore the malware warning, and then you finally get to infect your device.
In short, these malicious programs don't really infect devices. Maliciously stupid users do. Or, in the case of FinFisher, it might be your employer or your government.