Senior Security Analyst Seth Hardy gave a presentation during this year’s SecTor Conference in Toronto, Canada, which took place from 1-3 October, 2012.

In this blog post, we report on malware campaigns targeting human rights groups using the PlugX Remote Access Trojan (RAT).

In this technical brief, Citizen Lab Senior Security Analyst Seth Hardy presents a detailed analysis of IEXPL0RE RAT, a remote access trojan targeting human rights-related organizations.

The Citizen Lab has analyzed recent targeted malware attacks against Tibetan organizations that share a common payload — LURK malware — and command-and-control server, as well as several other features.

The Citizen Lab analyzes a recent targeted malware attack against the Tibetan community spoofing the June 14, 2012 resolution of the European Parliament (EP) on the human rights situation in Tibet. While such repurposing of authentic content for use as a malware delivery mechanism is not unusual, this incident raises serious questions surrounding the use of legitimate political resources for illegitimate ends.

Security Researcher and Citizen Lab Technical Advisor Morgan Marquis-Boire warns that this Trojan has been specifically crafted to target people attempting to evade government censorship. This blog post is written in Farsi.

Security Researcher and Citizen Lab Technical Advisor Morgan Marquis-Boire warns that this Trojan has been specifically crafted to target people attempting to evade government censorship. Last updated: May 30.

This post is the first in a series of analyses that the Citizen Lab is preparing regarding the urgent and ongoing threat presented by information operations deployed against Tibetans and others who advocate for Tibetan rights and freedoms, including in Tibetan areas of China.