This blog post reports on a malware attack in which a compromised version of Kakao Talk, an Android-based mobile messaging client, was sent in a highly-targeted email to a prominent individual in the Tibetan community. The malware is designed to send a user’s contacts, SMS message history, and cellular network location to attackers. This post was updated on 18 April 2013.
This report details Iran’s increasing Internet controls since 2009, when protests against the victory of Iranian President Mahmoud Ahmedinejad rocked the country. The election protest campaign–dubbed the “Green Movement”–was marked for the high use of social media and other information and communication technologies (ICT) to organize protests and disseminate information.
Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship. Our findings support the need for national and international scrutiny of Blue Coat implementations in the countries we have identified, and a closer look at the global proliferation of “dual-use” information and communication technologies.
This is an update to our November 2011 report titledThe Canadian Connection: An investigation of Syrian government and Hezbullah web hosting in Canada, which examined the use of web servers based in Canada, the U.S., and European countries to host Syrian government websites and websites of the Lebanese political party Hezbullah. Our findings indicate that, while many of the websites we examined in 2011 have changed hosting providers, a number of Syrian government and Hezbullah websites still maintain an online presence through the services of North American and European web hosts.
OpenNet Initiative research has documented that web filtering applied by India-based ISPs is also filtering content for customers of an ISP in Oman. This “upstream filtering” is restricting access to news sites, political blogs and file sharing sites for customer’s of Omantel, who have limited opportunities for recourse. Combined with the significant filtering implemented by Omantel itself, this essentially puts users in Oman behind multiple layers of national-level filtering.
The Citizen Lab analyzes a recent targeted malware attack against the Tibetan community spoofing the June 14, 2012 resolution of the European Parliament (EP) on the human rights situation in Tibet. While such repurposing of authentic content for use as a malware delivery mechanism is not unusual, this incident raises serious questions surrounding the use of legitimate political resources for illegitimate ends.