Bill Marczak

Twitter Globe Envelope

I am a Senior Research Fellow at Citizen Lab, a co-founder of Bahrain Watch, and a Postdoctoral Researcher at UC Berkeley, where I received my PhD in Computer Science under the advisorship of Vern Paxson. My work focuses on novel technological threats to Internet freedom, including new censorship and surveillance tools. My expertise is in Internet scanning and conducting digital investigations. Coverage of my work has been featured in Vanity Fair, the New York Times, the Washington Post, on CNN, and on Larry King.

Articles

Zoom’s Waiting Room Vulnerability

In this note, we describe a security issue where users in the “Waiting Room” of a Zoom meeting could have spied on the meeting, even if they were not approved to join. Zoom fixed the issue after we reported it to them.

Move Fast and Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings

This report examines the encryption that protects meetings in the popular Zoom teleconference app. We find that Zoom has “rolled their own” encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom’s infrastructure, including observing the transmission of meeting encryption keys to China.

Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator

New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.

Reckless VI: Mexican Journalists Investigating Cartels Targeted with NSO Spyware Following Assassination of Colleague

Two days after the murder of award-winning Mexican journalist Javier Valdez Cárdenas, two of his colleagues began receiving text messages laden with NSO Group’s Pegasus spyware. To date, 24 targets of Pegasus have been identified in Mexico. This case additionally illustrates an alarming trend of spyware attacks around the world specifically aimed at journalists.

The Kingdom Came to Canada: How Saudi-Linked Digital Espionage Reached Canadian Soil

In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute this infection to a Pegasus operator linked to Saudi Arabia.

جاءت المملكة إلى كندا: كيف وصل التجسس الرقمي المرتبط بالسعودية إلى الأراضي الكندية

في هذا التقرير ، نَصِف كيف تم استهداف المقيم الدائم في كندا، والمنشق السعودي؛ “عمر عبد العزيز”، عبر إشعار مزيف عن “تتبع شحنة بريد”. نحن وجدنا -وبثقة عالية- أن هاتف عبد العزيز قد تم استهدافه ببرنامج التجسس “بيغاسوس” من شركة NSO. نعزو هذه الإصابة إلى مشغل “بيغاسوس” مرتبط بالمملكة العربية السعودية.