This report describes a malware operation against the Syrian Opposition. We name the operator Group5, and suspect they have not been previously reported. Group5 used “just enough” technical sophistication, combined with social engineering, to target computers and mobile phones with malware.
Tag Archives: Syria
Citizen Lab Senior Security Researcher Morgan Marquis-Boire was interviewed by CNN.
Citizen Lab’s Research Fellow John Scott-Railton spoke to Politico regarding the Syrian Electronic Army, a group of hackers in support of Bashar Al-Assad’s government. An article by Business Insider also featured Citizen Lab research into ISIS malware attacks.
An article by Forbes magazine discusses FireEye’s recent report on Syria, authored by Daniel Regalado, Citizen Lab Technical Advisory Board member Nart Villeneuve, and Citizen Lab Research Fellow John Scott-Railton.
Citizen Lab Research Fellow John Scott-Railton is one of the authors of a report entitled “Behind the Syrian Conflict’s Digital Frontlines,” released today by FireEye, that documents a hacking operation that successfully breached the Syrian opposition.
This report describes a malware attack on a Syrian citizen media group critical of the Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.
Citizen Lab Senior Researcher Helmi Noman was interviewed by the International Business Times regarding the Syrian Electronic Army (SEA) and its attack on several international news sites. The SEA is a group of hackers in support of Syrian President Bashar al-Assad’s regime, known to target opposition political groups.
An article on The Conversation references Citizen Lab reports, which document the use of US-based Blue Coat Systems’ products by authoritarian regimes in Syria, Saudi Arabia, UAE, Qatar, Yemen, Egypt and Kuwait.
In the past 24 hours The Citizen Lab has identified a maliciously repackaged copy of the popular circumvention software Psiphon 3. This post describes the malware and outlines steps to be taken.
In “In Syria, Conflict In Cyberspace Complements Ground War”, Marquis-Boire spoke to Robert Siegel about the digital dimension of the Syrian conflict.