Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report highlights several clusters of targets. In future reports, we will provide more details about specific clusters of targets and Dark Basin’s activities.
The Information Controls Fellowship Program (ICFP) from the Open Technology Fund (OTF) supports research into how governments in countries, regions, or areas of OTF’s core focus are restricting the free flow of information, cutting access to the open Internet, and implementing censorship mechanisms, thereby threatening the ability of global citizens to exercise basic human rights and democracy; work focused on mitigation of such threats is also supported.
In a recent article for the Council on Foreign Relations, the Citizen Lab’s Lennart Maschmeyer discusses how repressive regimes are becoming increasingly effective at targeting opposition groups using digital espionage, both at home and abroad.
If you’re attending the Internet Freedom Festival (IFF) from March 5-9, you’ll be in good company: Citizen Lab researchers, fellows, and associates will be participating in panels and events throughout the week. Here’s a round-up of where you can find them: Against stalkerware: building public awareness and consent technology Monday, March 5 5:00 pm –… Read more »
This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.
This report discusses the targeting of Egyptian NGOs by Nile Phish, a large-scale phishing campaign. Almost all of the targets we identified are also implicated in Case 173, a sprawling legal case brought by the Egyptian government against NGOs, which has been referred to as an “unprecedented crackdown” on Egypt’s civil society. Nile Phish operators demonstrate an intimate knowledge of Egyptian NGOs, and are able to roll out phishing attacks within hours of government actions, such as arrests.
In this report we provide the first systematic study of keyword and website censorship on WeChat, the most popular chat app in China
This report describes a malware operation against the Syrian Opposition. We name the operator Group5, and suspect they have not been previously-reported. Group5 used “just enough” technical sophistication, combined with social engineering, to target computers and mobile phones with malware.
In this research note, we analyze a malware campaign targeting Hong Kong democracy activists. Two new malware families are used in the campaign that we name UP007 and SLServer. Previous reports have shown overlap in the tactics, tools, and procedures used in this campaign in other operations targeting groups in Burma, Hong Kong, and the Tibetan community.
Freedom House has released their “Freedom on the Net 2015” report, placing China at the bottom of a ranking comprising 65 countries. The report cites the Citizen Lab’s research on China, specifically on chat application censorship and targeted threats.
