In this blog post, we report on malware campaigns targeting human rights groups using the PlugX Remote Access Trojan (RAT).

The Citizen Lab analyzes a recent targeted malware attack against the Tibetan community spoofing the June 14, 2012 resolution of the European Parliament (EP) on the human rights situation in Tibet. While such repurposing of authentic content for use as a malware delivery mechanism is not unusual, this incident raises serious questions surrounding the use of legitimate political resources for illegitimate ends.

Archives of Citizen Lab Briefing newsletters we’ve sent. Subscribe to the Citizen Lab newsletter. Privacy Policy 2018 | 2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 2019 February 2019 – Citizen Lab researchers targeted, continued abuse of NSO technology in Mexico, and applications open for 2019 Citizen Lab Summer Institute 2018 November… Read more »

Google’s announcement Tuesday that it might pull out of the Chinese market has cast a sharp focus on long-standing accusations about the shadowy world of Chinese hackers. Since at least 2002, human rights activists have accused the Chinese government and military of infiltrating their computers as well as those maintained by private companies and nongovernmental… Read more »

Well-known human rights advocates in China and a Tibetan rights activist in the United States have disclosed that their Gmail accounts have been compromised. They came forward after Google’s announcement of a sustained cyber attack on activists and other illicit accessing of accounts, but stressed that the problem goes back much further. Some in China… Read more »

The decision by Google to draw a line and threaten to end its business operations in China brought attention to reports of Chinese high-technology espionage stretching back at least a decade. But despite Google’s suggestion that the hacking came from within China, it remained unclear who was responsible. Nevertheless, it presented the Obama administration with… Read more »

Research Reports John Scott-Railton, Rebekah Brown, Ksenia Ermoshina, and Ron Deibert. “Rivers of Phish: Sophisticated Phishing Targets Russia’s Perceived Enemies Around the Globe,” The Citizen Lab Report No. 177, University of Toronto, August 14, 2024. John Scott-Railton, Bill Marczak, Bahr Abdul Razzak, Ksenia Ermoshina, Siena Anstis, and Ron Deibert. “By Whose Authority? Pegasus targeting of… Read more »

A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded.