Citizen Lab is pleased to announce the release of “For Their Eyes Only: The Commercialization of Digital Spying.” The report features new findings, as well as consolidating a year of our research on the commercial market for offensive computer network intrusion capabilities developed by Western companies.
Author Archives: Morgan Marquis-Boire
For Their Eyes Only: The Commercialization of Digital Spying
April 30, 2013 – 3:56 pm
You Only Click Twice: FinFisher’s Global Proliferation
March 13, 2013 – 6:00 am
This post describes the results of a comprehensive global Internet scan for the command and control servers of FinFisher’s surveillance software. It also details the discovery of a campaign using FinFisher in Ethiopia that may have been used to target individuals linked to an opposition group. Additionally, it provides examination of a FinSpy Mobile sample found in the wild, which appears to have been used in Vietnam.
Planet Blue Coat: Mapping Global Censorship and Surveillance Tools
January 15, 2013 – 10:49 pm
Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship. Our findings support the need for national and international scrutiny of Blue Coat implementations in the countries we have identified, and a closer look at the global proliferation of “dual-use” information and communication technologies.
Backdoors are Forever: Hacking Team and the Targeting of Dissent?
October 10, 2012 – 2:55 am
In this report, Citizen Lab Security Researcher Morgan Marquis-Boire describes analysis performed on malicious software used to compromise a high profile dissident residing in the United Arab Emirates. The findings indicate that the software is a commercial surveillance backdoor distributed by an Italian company known as Hacking Team. The report also describes the potential involvement of vulnerabilities sold by the French company, VUPEN.
The SmartPhone Who Loved Me: FinFisher Goes Mobile?
August 29, 2012 – 8:59 am
This report, written and coordinated by Citizen Lab Technical Advisor Morgan Marquis-Boire, analyzes several samples we believe to be mobile variants of the FinFisher Spy Kit targeting iPhone, Android, Blackberry, Windows Mobile and Symbian platforms. It is a follow-on to a previous research brief, From Bahrain with Love: FinFisher's Spy Kit Exposed?, that analyzed several pieces of malware targeting Bahraini dissidents.
From Bahrain With Love: FinFisher’s Spy Kit Exposed?
July 25, 2012 – 5:59 am
The Citizen Lab announces the publication of a detailed post analyzing several pieces of malware targeting Bahraini dissidents, shared with us by Bloomberg News. The analysis suggests that the malware used is "FinSpy," part of the commercial intrusion kit, Finfisher, distributed by the United Kingdom-based company, Gamma International.
Syrian Activists Targeted with BlackShades Spy Software
June 19, 2012 – 2:16 pm
The use of remote surveillance software against activists has been a feature of the ongoing conflict in Syria. Today, the EFF and Citizen Lab report on the use of a new toolkit by a previously observed attacker. This actor has been circulating malware which surreptitiously installs BlackShades RAT on victims machines.
Simurgh, Iranian anti-censorship software circulated with malicious backdoor (in Farsi)
May 25, 2012 – 7:00 pm
Security Researcher and Citizen Lab Technical Advisor Morgan Marquis-Boire warns that this Trojan has been specifically crafted to target people attempting to evade government censorship. This blog post is written in Farsi.
Iranian anti-censorship software ‘Simurgh’ circulated with malicious backdoor (Updated)
May 25, 2012 – 6:45 pm
Security Researcher and Citizen Lab Technical Advisor Morgan Marquis-Boire warns that this Trojan has been specifically crafted to target people attempting to evade government censorship. Last updated: May 30.
