Bill Marczak

Bitter Sweet: Supporters of Mexico’s Soda Tax Targeted With NSO Exploit Links

This report describes an espionage operation using government-exclusive spyware to target Mexican government food scientists and two public health advocates.

Nile Phish: Large-Scale Phishing Campaign Targeting Egyptian Civil Society

This report discusses the targeting of Egyptian NGOs by Nile Phish, a large-scale phishing campaign. Almost all of the targets we identified are also implicated in Case 173, a sprawling legal case brought by the Egyptian government against NGOs, which has been referred to as an “unprecedented crackdown” on Egypt’s civil society. Nile Phish operators demonstrate an intimate knowledge of Egyptian NGOs, and are able to roll out phishing attacks within hours of government actions, such as arrests.

Social Engineering Attacks on Government Opponents

Citizen Lab Senior Research Fellow Bill Marczak has co-authored a paper titled “Social Engineering Attacks on Government Opponents: Target Perspectives,” along with Vern Paxson of UC Berkeley.

Citizen Lab Senior Research Fellows at the 2016 Chaos Communications Congress

December 29 – Hamburg, Germany

Bill Marczak in Vanity Fair on iPhone spyware targeting activists

Senior Research Fellow Bill Marczak was featured in a Vanity Fair article exploring his discovery of the spyware used to target UAE dissident Ahmed Mansoor, detailed in a recent Citizen Lab report.

Bill Marczak and Morgan Marquis-Boire featured in Al Jazeera’s ‘Faultlines’

Citizen Lab Senior Research Fellow Bill Marczak and Senior Security Researcher Morgan Marquis-Boire were featured in an episode of Al Jazeera’s ‘Faultlines’ program, in an episode entitled “Crypto Wars: Behind the Encryption Debate.” They discussed attitudes concerning surveillance in the wake of the San Bernadino shooting as well as other terrorist activities.

Tender Confirmed, Rights At Risk: Verifying Netsweeper in Bahrain

In this report, we confirm the use of the services of Canadian company Netsweeper, Inc. to censor access to the Internet in the Kingdom of Bahrain.

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender

This report describes how a government targeted an internationally recognized human rights defender, Ahmed Mansoor, with the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware.

Citizen Lab research in Alhurra and VICE

Citizen Lab’s research were featured in programs on Middle Eastern democracy by Alhurra and the world of online mercenaries offering hacking services by VICE, respectively.

Keep Calm and (Don’t) Enable Macros: A New Threat Actor Targets UAE Dissidents

Media Coverage: New York Times, Foreign Policy, International Business Times, Chicago Tribune, VICE Motherboard, Taipei Times, Forbes, Techworm, Sputnik News, Network World, BoingBoing. Authors: Bill Marczak, John Scott-Railton 1. Executive Summary This report describes a campaign of targeted spyware attacks carried out by a sophisticated operator, which we call Stealth Falcon.  The attacks have been conducted […]