Matt Brooks
Publications
Weaponized Words
Uyghur Language Software Hijacked to Deliver Malware
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
April 28, 2025
Familiar Feeling
A Malware Campaign Targeting the Tibetan Diaspora Resurfaces
Investigation of a malware campaign targeting the Tibetan community and discussion of the challenges in analyzing closed espionage ecosystems.
August 8, 2018
Insider Information
An Intrusion Campaign Targeting Chinese Language News Sites
This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.
July 5, 2017
