Research
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
A sustained, coordinated social media harassment and doxxing campaign – which we codenamed JUICYJAM – targeting the pro-democracy movement in Thailand has run uninterrupted, and unchallenged, since at least August 2020. Through our analysis of public social media posts we determined that the campaign was not only inauthentic, but the information revealed could not have been reasonably sourced from a private individual.
The Citizen Lab’s Marcus Michaelsen and Siena Anstis published a research article in the peer-reviewed journal Democratization about the gendered forms of digital threats faced by women human rights defenders and journalists in exile and in the diaspora. Click here to read the article.
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon’s mercenary spyware operations across the globe. This report includes an infrastructure analysis of Paragon’s spyware product, called Graphite; a forensic analysis of infected devices belonging to members of civil society; and a closer look at the use of Paragon spyware in both Canada and Italy.
The Citizen Lab’s Siena Anstis and Ron Deibert examine the phenomenon of digital transnational repression in “Silenced by Surveillance: The Impacts of Digital Transnational Repression on Journalists, Human Rights Defenders, and Dissidents in Exile”, published by Knight First Amendment Institute at Columbia University. Read the essay here.
A new book co-authored by Siena Anstis, senior legal advisor at The Citizen Lab, is now available for purchase. Transnational Repression and International Law explores the rise of state-sponsored extraterritorial killings and the implications for international law. Order your copy here.
Legal researchers Cynthia Khoo and Kate Robertson warn that a Canada-U.S. CLOUD agreement would extend the reach of U.S. law enforcement into Canada’s digital terrain to an unprecedented extent, and that if signed, this agreement would effectively allow U.S. police to demand personal data directly from any provider of an “electronic communication service” or “remote computing service” in Canada, so long as it had some ties to the U.S.
In an opinion piece in the Tahrir Institute for Middle East Policy, Noura Aljizawi, senior researcher at The Citizen Lab, sheds light on the growing threat of disinformation in Syria, even after the fall of Bashar al-Assad’s regime. While the end of Assad’s authoritarian rule was celebrated as a victory, Aljizawi warns that disinformation—once the […]
Our network security analysis of the popular social media app, RedNote, revealed a number of issues with both the Android and iOS versions of the app.
Our analysis of spyware covertly implanted on a phone returned to a Russian programmer after he was released from custody, finds that the spyware placed on his device allows the operator to track a target device’s location, record phone calls, keystrokes, and read messages from encrypted messaging apps, among other capabilities.
