Tag Archives: Syria

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

Helmi Noman interviewed for piece on Syrian Electronic Army

Citizen Lab Senior Researcher Helmi Noman was interviewed by the International Business Times regarding the Syrian Electronic Army (SEA), and its attack of several international news sites. The SEA is a group of hackers in support of Syrian President Bashar-al-Assad’s regime, known to target opposition political group.

Citizen Lab research on Blue Coat cited in article on censorship in Syria

An article on The Conversation references Citizen Lab reports, which documents the use of US-based Blue Coat Systems’ products by authoritarian regimes in Syria, Saudi Arabia, UAE, Qatar, Yemen, Egypt and Kuwait.

Maliciously Repackaged Psiphon Found

In the past 24 hours The Citizen Lab has identified a maliciously repackaged copy of the popular circumvention software Psiphon 3. This post describes the malware and outlines steps to be taken.

Morgan Marquis-Boire on NPR

In “In Syria, Conflict In Cyberspace Complements Ground War”, Marquis-Boire spoke to Robert Siegel about the digital dimension of the Syrian conflict.

Quantum of Surveillance: Familiar Actors and Possible False Flags in Syrian Malware Campaigns

In this report, Citizen Lab researchers Morgan Marquis-Boire and John Scott-Railton and EFF Global Policy Analyst Eva Galperin outline how pro-government attackers have targeted the Syrian opposition, as well as NGO workers and journalists, with social engineering and “Remote Access Tools” (RAT)

Citizen Lab Senior Researcher Helmi Noman interviewed on Syria’s online conflict

Citizen Lab Senior Researcher Helmi Noman was interviewed this week on the subject of Syria’s online conflict.

Some Devices Wander by Mistake: Planet Blue Coat Redux

The Citizen Lab is pleased to announce the release of Some Devices Wander by Mistake: Planet Blue Coat Redux. In this report, we use a combination of network measurement and scanning methods and tools to identify instances of Blue Coat ProxySG and PacketShaper devices. This equipment can be used to secure and maintain networks, but can also be used to implement politically-motivated restrictions on access to information, and monitor and record private communications. We found Blue Coat devices on public networks of 83 countries. Included in these countries are regimes with questionable human rights records, and three countries that are subject to US sanctions: Iran, Syria, and Sudan.

A Call to Harm: New Malware Attacks Target the Syrian Opposition

The Citizen Lab is pleased to announce the publication of A Call to Harm: New Malware Attacks Against the Syrian Opposition. This research report by Morgan Marquis-Boire and John Scott-Railton examines two recent cyber attacks targeting the Syrian opposition: malware masquerading as the circumvention tool Freegate and a campaign masquerading as a call to arms by a pro-opposition cleric.

Middle East and North Africa CyberWatch – May 2013

This edition of the Middle East and North Africa CyberWatch discusses censorship and filtering, surveillance, blogger and netizen arrests and more.