This report describes how Ethiopian dissidents in the US, UK, and other countries were targeted with emails containing sophisticated commercial spyware posing as Adobe Flash updates and PDF plugins. Targets include a US-based Ethiopian diaspora media outlet, a PhD student, a lawyer, and even a Citizen Lab researcher.
I am a Senior Research Fellow at Citizen Lab, a co-founder of Bahrain Watch, and a Postdoctoral Researcher at UC Berkeley, where I received my PhD in Computer Science under the advisorship of Vern Paxson. My work focuses on novel technological threats to Internet freedom, including new censorship and surveillance tools. My expertise is in Internet scanning and conducting digital investigations. Coverage of my work has been featured in Vanity Fair, the New York Times, the Washington Post, on CNN, and on Larry King.
Claudio X. González, the director of Mexicanos Contra la Corrupción y la Impunidad (MCCI: Mexicans Against Impunity and Corruption), becomes the 22nd known individual abusively targeted with NSO’s spyware technology in Mexico.
Lawyers representing the families of three slain Mexican women were sent infection attempts with NSO Group’s Pegasus spyware after questioning official accounts of the killings.
The international investigation into the 2014 Iguala Mass Disappearance was targeted with infection attempts using spyware developed by the NSO group.
NSO Group’s Pegasus spyware and exploit framework were used in infection attempts against Mexican senators and senior politicians in June and July 2016.
Uncovering an operation using NSO Group’s Pegasus spyware and Trident exploit framework to target Mexican journalists, lawyers, and even a minor child.
This report describes an espionage operation using government-exclusive spyware to target Mexican government food scientists and two public health advocates.
This report discusses the targeting of Egyptian NGOs by Nile Phish, a large-scale phishing campaign. Almost all of the targets we identified are also implicated in Case 173, a sprawling legal case brought by the Egyptian government against NGOs, which has been referred to as an “unprecedented crackdown” on Egypt’s civil society. Nile Phish operators demonstrate an intimate knowledge of Egyptian NGOs, and are able to roll out phishing attacks within hours of government actions, such as arrests.
Citizen Lab Senior Research Fellow Bill Marczak has co-authored a paper titled “Social Engineering Attacks on Government Opponents: Target Perspectives,” along with Vern Paxson of UC Berkeley.
In this report, we confirm the use of the services of Canadian company Netsweeper, Inc. to censor access to the Internet in the Kingdom of Bahrain.