“内幕消息”:一起针对中文新闻媒体的入侵行动
加拿大多伦多大学公民实验室(Citizen Lab)研究人员发现了多个假冒中文新闻网站的域名和网站。这些中文新闻网站包括中国数字时代 明镜新闻 大纪元新闻 香港01 和 博闻社,它们经常报道被中国政府认为是禁忌或具有争议性的话题。
Targeted Threats
Posts tagged “Targeted Threats”
Insider Information: An intrusion campaign targeting Chinese language news sites
This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.
Tainted Leaks: Disinformation and Phishing With a Russian Nexus
Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call this technique “tainted leaks.”
Nile Phish: Large-Scale Phishing Campaign Targeting Egyptian Civil Society
This report discusses the targeting of Egyptian NGOs by Nile Phish, a large-scale phishing campaign. Almost all of the targets we identified are also implicated in Case 173, a sprawling legal case brought by the Egyptian government against NGOs, which has been referred to as an “unprecedented crackdown” on Egypt’s civil society. Nile Phish operators demonstrate an intimate knowledge of Egyptian NGOs, and are able to roll out phishing attacks within hours of government actions, such as arrests.
Group5: Syria and the Iranian Connection
This report describes a malware operation against the Syrian Opposition. We name the operator Group5, and suspect they have not been previously-reported. Group5 used “just enough” technical sophistication, combined with social engineering, to target computers and mobile phones with malware.
Between Hong Kong and Burma: Tracking UP007 and SLServer Espionage Campaigns
In this research note, we analyze a malware campaign targeting Hong Kong democracy activists. Two new malware families are used in the campaign that we name UP007 and SLServer. Previous reports have shown overlap in the tactics, tools, and procedures used in this campaign in other operations targeting groups in Burma, Hong Kong, and the Tibetan community.
Shifting Tactics: Tracking changes in years-long espionage campaign against Tibetans
This report describes the latest iteration in a long-running espionage campaign against the Tibetan community. We describe how the attackers continuously adapt their campaigns to their targets, shifting tactics from document-based malware to conventional phishing
Citizen Lab cited in report on malware campaign against Tibetan and Uyghur activists
Palo Alto Networks cited the Citizen Lab report entitled “Communities @ Risk: Targeted Threats Against Civil Society.”
Citizen Lab at the World Movement for Democracy Eighth Assembly
November 1-4 – Seoul, South Korea
Citizen Lab research cited in Freedom House report
Freedom House has released their “Freedom on the Net 2015” report, placing China at the bottom of a ranking comprising 65 countries. The report cites the Citizen Lab’s research on China, specifically on chat application censorship and targeted threats.