In this report, Citizen Lab researchers Morgan Marquis-Boire and John Scott-Railton and EFF Global Policy Analyst Eva Galperin outline how pro-government attackers have targeted the Syrian opposition, as well as NGO workers and journalists, with social engineering and “Remote Access Tools” (RAT)

The Citizen Lab is pleased to announce the publication of A Call to Harm: New Malware Attacks Against the Syrian Opposition. This research report by Morgan Marquis-Boire and John Scott-Railton examines two recent cyber attacks targeting the Syrian opposition: malware masquerading as the circumvention tool Freegate and a campaign masquerading as a call to arms by a pro-opposition cleric.

Citizen Lab Senior Researcher Helmi Noman spoke to media this week about the Syrian Electronic Army and the latest hacking of the Associated Press’ verified Twitter account.

The use of remote surveillance software against activists has been a feature of the ongoing conflict in Syria. Today, the EFF and Citizen Lab report on the use of a new toolkit by a previously observed attacker. This actor has been circulating malware which surreptitiously installs BlackShades RAT on victims machines.

A new report, entitled The Canadian Connection: An investigation of Syrian government and Hezbullah web hosting in Canada, continues Citizen Lab research into the intersection of the private sector, authoritarianism, and cyberspace regulation, turning our attention to a component of the Internet that does not typically receive the same amount of attention as filtering, surveillance, and computer network attack products and services: web hosting services.

Although Blue Coat has recently acknowledged the presence of their devices in Syria, this brief contributes to previous findings of devices in the country, documents additional devices in use in Syria, and identifies Blue Coat devices actively in use in Burma.

Director Ron Deibert joined Al Jazeera’s The Stream via Skype to talk about a collective of pro-Assad hackers and online activists, who call themselves the Syrian Electronic Army.

Read the article and watch the video here.

In this article, The Atlantic reports on the Syrian Electronic Army, an open and organized pro-government computer attack group that is operating with at least tacit support from the regime, who uses DDoS attacks, phishing scams, and other tricks to fight opposition activists online.

The Information Warfare Monitor (IWM), a research collaboration between the Citizen Lab at the Munk School of Global Affairs, University of Toronto and the SecDev Group, an operational think tank based in a Ottawa, Canada, has uncovered an attempt to lure pro-revolution Syrian Facebook users into providing their login credentials by using a fake URL and login page.