A sophisticated spear phishing campaign has been targeting Western and Russian civil society. In collaboration with Access Now, and with the participation of numerous civil society organizations, we uncover this operation and link it to COLDRIVER, a group attributed by multiple governments to the Russian Federal Security Service (FSB).
In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified contained vulnerabilities that could be exploited to completely reveal the contents of users’ keystrokes in transit. We estimate that up to one billion users could be vulnerable to having all of their keystrokes intercepted, constituting a tremendous risk to user security.
A network of at least 123 websites operated from within the People’s Republic of China while posing as local news outlets in 30 countries across Europe, Asia, and Latin America, disseminates pro-Beijing disinformation and ad hominem attacks within much larger volumes of commercial press releases. We name this campaign PAPERWALL. We attribute the PAPERWALL campaign to Shenzhen Haimaiyunxiang Media Co., Ltd., aka Haimai, a PR firm in China based on digital infrastructure linkages between the firm’s official website and the network. These findings confirm the increasingly important role private firms play in the realm of digital influence operations and the propensity of the Chinese government to make use of them.
As part of our ongoing project monitoring changes to Chinese search censorship, we tracked changes to censorship following Li Keqiang’s death across seven Internet platforms: Baidu, Baidu Zhidao, Bilibili, Microsoft Bing, Jingdong, Sogou, and Weibo. We found that some keyword combinations in search queries triggers hard censorship whereas others trigger soft censorship. Our results demonstrate China’s ongoing efforts to push state-sanctioned narratives concerning politically sensitive topics, impacting the integrity of the online information environment.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research and development at the intersection of information and communication technologies, human rights, and global security. Learn more.
In this talk at the DEF CON 32 convention on August 11, Jeffrey Knockel and Mona Wang will discuss how any network eavesdropper may read the keystrokes of popular Chinese IME keyboard users.
United States Vice President Kamala Harris is at the center of an online disinformation storm after President Joe Biden’s endorsement. Sexual slurs, doctored images and disinformation surged online as she emerged as the Democratic frontrunner for the upcoming US elections. “We should expect a full spectrum of disinformation,” warned Ron Deibert, giving a glimpse of… Read more »
In response to a call for input issued by the United Nations Special Rapporteur on counter-terrorism and human rights, Emile Dirks, research associate at the Citizen Lab, prepared a written submission underlining the legal and human rights implications of the collection and usage of biometric recognition data by the People’s Republic of China.
The Citizen Lab’s director Ron Deibert and researchers Lex Gill and Noura Al-Jizawi are slated to speak at CBC Ideas Week, part of the Stratford Festival, on July 18 and July 20. In panel discussions moderated by CBC Ideas’ host Nahlah Ayed, they will explore efforts throughout history to imagine new possibilities and make them… Read more »
Activists and dissidents living in Canada are impacted by digital transnational repression (DTR) – a tool used by authoritarian governments to continue to harass and intimidate individuals online, even after leaving their country of origin. Join this online event hosted by the Montreal Institute of Genocide and Human Rights Studies (MIGS), where the Citizen Lab’s… Read more »
“What separates benign foreign influence from malign interference? And if foreign-owned platforms like TikTok are used for both interference and influence, how should we respond?” In this piece for Brookings, Diana Fu, associate professor of political science at the University of Toronto and Emile Dirks, research associate at the Citizen Lab, discuss issues like soft… Read more »
