Bill Marczak is a senior researcher at the Citizen Lab, a co-founder of Bahrain Watch, and a post-doctoral researcher at UC Berkeley, where he completed a PhD in Computer Science under the advisorship of Vern Paxson. His work focuses on novel technological threats to Internet freedom, including new censorship and surveillance tools. His expertise is in internet scanning and conducting digital investigations. His work has been featured in Vanity Fair, the New York Times, the Washington Post, on CNN, and on Larry King.
Connect
Publications
Not Safe for Politics
Cellebrite Used on Kenyan Activist and Politician Boniface Mwangi
Following the widely-condemned arrest in July 2025 of prominent Kenyan opposition voice Boniface Mwangi, the Citizen Lab analyzed artefacts from devices seized during the arrest. We found that Cellebrite’s forensic extraction tools were used on his Samsung phone while it was in police custody. This case adds to the concerning pattern of the misuse of Cellebrite technology by government clients.
From Protest to Peril
Cellebrite Used Against Jordanian Civil Society
Through a multi-year investigation, we find that the Jordanian security apparatus has deployed forensic extraction products manufactured by Cellebrite against civil society devices. We release these findings alongside reporting from the Organized Crime and Corruption Reporting Project (OCCRP) which includes interviews with a few of the victims.
Same Sea, New Phish
Russian Government-Linked Social Engineering Targets App-Specific Passwords
In May 2025, Keir Giles, a well-known expert on Russian military operations, was targeted with a highly sophisticated and personalized phishing attack. Using a method not previously observed by the Citizen Lab, the attacker posed as a U.S. State Department employee to convince Mr. Giles to create and send app-specific passwords for his email accounts, bypassing multi-factor authentication. Google spotted and blocked the attack, attributing it to a Russian state-backed operator.
News