Our analysis traces Hacking Team’s Remote Control System’s (RCS) proxy chains, and finds that dedicated US-based servers are part of the RCS infrastructure implemented by the governments of Azerbaijan, Colombia, Ethiopia, Korea, Mexico, Morocco, Poland, Thailand, Uzbekistan, and the United Arab Emirates in their espionage and/or law enforcement operations.
This report outlines an extensive US nexus for a network of servers forming part of the collection infrastructure of Hacking Team’s Remote Control System. The network, which includes data centers across the US, is used to obscure government clients of Hacking Team. It is used by at least 10 countries ranging from Azerbaijan and Uzbekistan to Korea, Poland and Ethiopia. In addition we highlight an intriguing US-only Hacking Team circuit.
An article on commercial spyware in Voice of America cited Citizen Lab research into ‘lawful intercept’ spyware such as FinSpy.
Citizen Lab’s Bill Marczak helped Privacy International scan Ethiopian refugee Tadesse Biru Kersmo’s computer, and they found traces that showed FinSpy had been operating in June 2012 over two days while he was in the UK.
A new Citizen Lab report has found that Canada-based Netsweeper filtering products have been identified on three ISPs in Somalia.
This report maps out covert surveillance networks of “proxy servers” used to launder data that RCS exfiltrates from infected computers, through third countries, to an “endpoint,” which we believe represents the spyware’s government operator.
This post is the second in a series of posts that focus on the global proliferation and use of Hacking Team’s RCS spyware, which is sold exclusively to governments.
What to do about the growing “Digital Arms” market? The spread of technologies like mobile phones and social networks have enabled corporations and governments to eavesdrop on a mass scale. Fulfilling the demand for surveillance tools, a range of companies now sell surveillance backdoors and vulnerabilities, described as “lawful intercept” software.
This post will summarize Citizen Lab’s prior research on surveillance in Indonesia, including documented evidence of FinFisher command and control servers and Blue Coat Systems devices on IPs owned by Indonesian ISPs. It will then identify recent trends in Indonesian surveillance practices, laws, and regulations that provide potential avenues for further research.
Citizen Lab is pleased to announce the release of “For Their Eyes Only: The Commercialization of Digital Spying.” The report features new findings, as well as consolidating a year of our research on the commercial market for offensive computer network intrusion capabilities developed by Western companies.
