Malware

Posts tagged “Malware”

Packrat: Seven Years of a South American Threat Actor

This report describes an extensive malware, phishing, and disinformation campaign active in several Latin American countries, including Ecuador, Argentina, Venezuela, and Brazil. The nature and geographic spread of the targets seems to point to a sponsor, or sponsors, with regional, political interests. The attackers, whom we have named Packrat, have shown a keen and systematic interest in the political opposition and the independent press in so-called ALBA countries (Bolivarian Alternative for the Americas), and their recently allied regimes.

China’s Great Cannon

This post describes our analysis of China’s “Great Cannon,” our term for an attack tool that we identify as separate from, but co-located with, the Great Firewall of China. The first known usage of the Great Cannon is in the recent large-scale novel DDoS attack on both GitHub and servers used by GreatFire.org.

Morgan Marquis-Boire on Babar and Casper malware

Citizen Lab Senior Security Researcher Morgan Marquis-Boire contributed to research related to Babar, a piece of malware believed to have been produced by the French government. The software is capable of eavesdropping on online conversations, such as those held on Skype, MSN, and Yahoo Messenger.

Tibetan Uprising Day Malware Attacks

Hundreds of members of the Tibetan community are being targeted by email-based malware attacks that leverage the March 10 Tibetan Uprising anniversary as a theme. This report analyzes two March 10 related attacks. One using a new malware family we call MsAttacker , and another using the ShadowNet malware family and command and control infrastructure related to previous campaigns that targeted the Tibetan community.

Forbes on Citizen Lab’s Syria research

An article by Forbes magazine discusses FireEye’s recent report on Syria, authored by Daniel Regalado, Citizen Lab Technical Advisory Board member Nart Villeneuve, and Citizen Lab Research Fellow John Scott Railton.