This campaign is the first documented case of one-click mobile exploits used to target Tibetan groups, and reflects an escalation in the sophistication of digital espionage threats targeting the community.
Posts tagged “Tibet”
In a recent article for the Council on Foreign Relations, the Citizen Lab’s Lennart Maschmeyer discusses how repressive regimes are becoming increasingly effective at targeting opposition groups using digital espionage, both at home and abroad.
Investigation of a malware campaign targeting the Tibetan community and discussion of the challenges in analyzing closed espionage ecosystems.
This report describes an inexpensive and technically simple phishing operation. It shows that the continued low adoption rates for digital security features, such as two factor authentication, contribute to the low bar to entry for digital espionage.
From January 2 to 13 2017, His Holiness the Dalai Lama is holding a popular Tibetan Buddhist teaching called Kalachakra in Bodh Gaya, India. Increased restrictions from the government of China has barred Tibetans in Tibet from attending the teachings. This report documents blocking of Kalachakra-related keywords on WeChat revealing how restrictions on the ritual extend online.
Tibet Action Institute has released a report documenting censorship on Youku, an online video platform.
In this report we track a malware operation targeting members of the Tibetan Parliament that used known and patched exploits to deliver a custom backdoor known as KeyBoy. We analyze multiple versions of KeyBoy revealing a development cycle focused on avoiding basic antivirus detection.
In an interview with the Daily Dot, Citizen Lab Research Manager Masashi Crete-Nishihata commented on the challenges Tibetans face in using social media and other online tools to spread content considered politically sensitive by the Chinese government.
This report describes the latest iteration in a long-running espionage campaign against the Tibetan community. We describe how the attackers continuously adapt their campaigns to their targets, shifting tactics from document-based malware to conventional phishing
Palo Alto Networks cited the Citizen Lab report entitled “Communities @ Risk: Targeted Threats Against Civil Society.”