This post describes the results of Internet scanning we recently conducted to identify the users of FinFisher, a sophisticated and user-friendly spyware suite sold exclusively to governments. We devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources.
Search Results for: syria malware
At USENIX Security 2014 Citizen Lab researchers presented two papers on targeted threats against civil society communities as part of a dedicated session on the topic entitled Tracking Targeted Attacks against Civilians and NGOs.
In 2012, together with Eva Galperin from the EFF, Citizen Lab researchers Morgan Marquis-Boire and Seth Hardy identified the use of BlackShades in the targeting of opposition forces in Syria. This work has been featured in the recent coverage of the world wide “BlackShades busts” by the Washington Post, the Daily Beast, The Telegraph, and ThreatPost.
In the past 24 hours The Citizen Lab has identified a maliciously repackaged copy of the popular circumvention software Psiphon 3. This post describes the malware and outlines steps to be taken.
What to do about the growing “Digital Arms” market? The spread of technologies like mobile phones and social networks have enabled corporations and governments to eavesdrop on a mass scale. Fulfilling the demand for surveillance tools, a range of companies now sell surveillance backdoors and vulnerabilities, described as “lawful intercept” software.
Former Citizen Lab security researcher and member of our technical advisory group, Nart Villeneuve, is part of a team that uncovered a malware campaign targeting European diplomats and foreign ministries.
This edition of the Middle East and North Africa CyberWatch discusses censorship and filtering, surveillance, blogger and netizen arrests and more.
This edition of the Middle East and North Africa CyberWatch covers topics such as censorship and surveillance, blogger and netizen arrests, cyber attacks and technological developments from the region.
Our assessment of events that took place in 2012 has found that freedom of expression continues to be under threat in these parts of the world, although some progress has been made in certain countries. This review discusses trends in cyber attacks, changing legal norms, social media use, technological development, censorship and filtering, and arrests of rights activists.
SCMagazine has named Morgan Marquis-Boire on its honorable mention list of Influential IT security minds in 2012.