Uncovering an operation using NSO Group’s Pegasus spyware and Trident exploit framework to target Mexican journalists, lawyers, and even a minor child.

April 13-14 – New York City, USA

We are releasing a more comprehensive “checklist” consolidating our thoughts on how best to confront the lack of accountability in the commercial spyware trade.

Citizen Lab Director Ron Deibert has been named as part of the “Humans of the Year” series of VICE Motherboard, which profiles his work in defending cyber security through studies of hacking groups and censorship worldwide.

A New York Times article describing the growth of email spyware as a political weapon, titled “Cyberwar for Sale,” cited Citizen Lab research into Hacking Team, an Italian team that creates spyware for sale to governments. In particular, the article cites Citizen Lab’s work in exposing the use of Hacking Team software on the devices of Moroccan, UAE, and Ethiopian activists.

Citizen Lab’s research were featured in programs on Middle Eastern democracy by Alhurra and the world of online mercenaries offering hacking services by VICE, respectively.

Strathmore Law School in Kenya and the Open Observatory of Network Interference (OONI) have published a report on Internet shutdown in Ethiopia.

Privacy International (PI) latest report, entitled “The President’s Men?,” explores the role of Egypt’s Technical Research Department (TRD), a secret unit in the country’s intelligence infrastructure. In the report, PI cite Citizen Lab research on FinFisher and Hacking Team.

Citizen Lab surveillance research on Hacking Team and FinFisher highlighted in articles on Motherboard, the Varsity, and the New York Times.

This post describes the results of Internet scanning we recently conducted to identify the users of FinFisher, a sophisticated and user-friendly spyware suite sold exclusively to governments. We devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources.