This report maps out covert surveillance networks of “proxy servers” used to launder data that RCS exfiltrates from infected computers, through third countries, to an “endpoint,” which we believe represents the spyware’s government operator.
MD5 Country 946ea5bd506d1ad1d6fac3de1e010cd3 Egypt b520e9f198c365125d49e7894152eebb Hungary 8db7d5c8f282640b9cad55d8d2fa843d Italy 8527f71025a33d47275f6c145e099392 Italy 2f3222670d24071464e22e67921e423c Italy 16fefc84cef47090bcb459888ca4ee4a Italy a1d830653da9cd5daa5aa40239ec73ca Italy b732b34eb831308b58b8dcfc8130e547 Italy b9077ad27c77e0004782443bd5447f17 Italy 2192f9b0209b7e7aa6d32a075e53126d Italy cb8259668b17059f1078227995aad4c2 Italy a32e073132ae0439daca9c82b8119009 Italy 9c223cdebbd6870115a530869491a7a9 Kazakhstan 5ff61876e3fa55128554e413e77c3e55 South Korea bf080077d9d3c362e1f5c2b9e771fb8c Morocco 209a986d8e17d361424dc11ffc69511b Oman 2bd0b6ce1adc950e07ede94e18c9b726 Oman 6767becc4a72159f4306fdcbec723cc3 Oman 1e71cbf364fd05168a9ccaf435eb66e8 Saudi Arabia d115dd439788bf6344010aab606cb8d9 Saudi Arabia f8abcba6172d31a6602a85d7fcd30454 Saudi Arabia 6f2b145f3d078762daa7e0d33b18ad11 Saudi Arabia 23e93ac9b08487a2f0934d04ccd890d1 Turkey 66741da348171175d7be67b8b0e01318 Turkey […]
We redact the last octet of the 186 IP addresses below that matched any of our fingerprints since 1 February 2014. IP Country Owner 101.99.83.12 MY PIRADIUS NET 103.1.185.xxx AU MAMMOTH MEDIA PTY LTD 106.186.118.191 JP LINODE LLC 106.186.16.48 JP LINODE LLC 106.186.17.xxx JP LINODE LLC 106.186.20.84 JP LINODE LLC 106.186.21.100 JP LINODE LLC 106.186.22.xxx […]
This post is the second in a series of posts that focus on the global proliferation and use of Hacking Team’s RCS spyware, which is sold exclusively to governments.
Our latest report identified three instances where Ethiopian journalist group ESAT was targeted with spyware in the space of two hours by a single attacker. In each case, the spyware appeared to be RCS (Remote Control System), which is programmed and sold exclusively to governments by Milan-based Hacking Team.
Canadians should demand more from government in reigning in electronic spying and cyber-policing. But we should also, as citizens, subscribers, and users, demand more from our internet and telecommunication service providers.
In this report, we identified three instances where Ethiopian journalist group ESAT was targeted with spyware in the space of two hours by a single attacker. In each case the spyware appeared to be RCS (Remote Control System), programmed and sold exclusively to governments by Milan-based Hacking Team.
A closer analysis and verification of the reported blocking of Canadian Olympic Bobsledder Justin Kripps website on Russia’s Rostelecom network.
Soldatov and Borogan have been investigating the Russian surveillance state as part of a joint project by Aventura.ru, the Citizen Lab and Privacy International.
Citizen Lab Director Ron Deibert spoke about the security challenges governments face in the digital environment.