Same Sea, New Phish
Russian Government-Linked Social Engineering Targets App-Specific Passwords

Keir Giles, a prominent expert on Russia, was targeted with a new form of social-engineering attack that leverages App-Specific Passwords. Google links the operation to UNC6293, a Russian state-backed group.

Featured Publications

Unspoken Implications: A Preliminary Analysis of Bill C-2 and Canada’s Potential Data-Sharing Obligations Towards the United States and Other Countries

On June 3, 2025, the Canadian government tabled Bill C-2, omnibus legislation that, if passed, would introduce a wide array of new federal agency and law enforcement powers, and would significantly reform substantive and due process laws in Canada for migrants and asylum seekers. Our preliminary analysis of Bill C-2 situates the legislation within the context of existing research by the Citizen Lab about two potential data-sharing treaties that are most relevant to the new proposed powers being introduced in Bill C-2: the Second Additional Protocol to the Budapest Convention (2AP) and the CLOUD Act. Both of which carry significant constitutional and human rights risks.

Lifting the lid off the Internet.

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security. Learn more.

Get the latest Citizen Lab news right in your inbox.

Subscribe below.

Privacy Policy

Features & News

John Scott-Railton Testifies Before EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs

On May 13, 2025, the Citizen Lab’s senior researcher John Scott-Railton testified before the European Union Parliament’s Committee on Civil Liberties, Justice and Home Affairs (‘LIBE committee’) to share findings from our recent report on the proliferation of Paragon spyware.  “When we look at the pie chart of [spyware] targeting to see who was targeted… Read more »

Featured Video

Gender-based Digital Transnational Repression Explained