Report
Amidst calls for reform in Togo, NSO Group’s spyware was used to target voices for change including a bishop, priest, and opposition politicians.
Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report highlights several clusters of targets.
WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered accounts.
This report examines the encryption that protects meetings in the popular Zoom teleconference app. We find that Zoom has “rolled their own” encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom’s infrastructure, including observing the transmission of meeting encryption keys to China.
The analysis of YY and WeChat indicates broad censorship—blocking sensitive terms as well as general information and neutral references—potentially limiting the public’s ability to access information that may be essential to their health and safety.
New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.
This report presents results from a series of research projects that measured responses to personal data requests from telecommunication companies and Internet Service Providers across jurisdictions in Asia including Australia, Hong Kong, South Korea, Indonesia, and Malaysia. Overall, the projects found responses from telecoms were incomplete and in some cases did not follow what is required by law.
This campaign is the first documented case of one-click mobile exploits used to target Tibetan groups, and reflects an escalation in the sophistication of digital espionage threats targeting the community.
The proposed rationales for weakening encryption would exchange marginal gains in limited investigative situations for significant loses with regards to Canadians’ abilities to exercise their rights and freedoms while simultaneously undermining cybersecurity, economic development, and foreign affairs. Minister Goodale should stop calling persons with well-considered policy positions on the importance of enabling the availability of strong encryption as supporters of child abusers, and get on with his job of trying to keep Canadians safe instead of endangering them with his irresponsible and dangerous encryption policy.
In this work, we study how Tencent implements image filtering on WeChat. We found that Tencent implements realtime, automatic censorship of chat images on WeChat based on what text is in an image and based on an image’s visual similarity to those on a blacklist. Tencent facilitates this realtime filtering by maintaining a hash index of MD5 hashes of sensitive image files.
