In this report we track a malware operation targeting members of the Tibetan Parliament that used known and patched exploits to deliver a custom backdoor known as KeyBoy. We analyze multiple versions of KeyBoy revealing a development cycle focused on avoiding basic antivirus detection.
Tag Archives: China
In a recent speech, Ali Baba co-founder Jack Ma suggested that the Chinese government should use big data to help prevent crime, a view that resonates with the Communist party’s efforts to establish a system parsing citizen information online. Citizen Lab Senior Research Fellow Jason Q. Ng commented on Ma’s remarks in an interview with Bloomberg.
In this report, we reverse engineer three popular live streaming platforms (YY, Sina Show, and 9158) and find keyword lists used to censor chat messages. Tracking changes to the keyword lists over the past year gives an inside look into how these applications implement censorship
In an interview with the Daily Dot, Citizen Lab Research Manager Masashi Crete-Nishihata commented on the challenges Tibetans face in using social media and other online tools to spread content considered politically sensitive by the Chinese government.
This report describes privacy and security issues with the Windows and Android versions of QQ Browser. Our research shows that both versions of the application transmit personally identifiable data without encryption or with easily decrypted encryption, and do not adequately protect the software update process.
A new report from the University of Toronto’s Citizen Lab identifies security and privacy issues in QQ Browser, a mobile browser produced by China-based Internet giant Tencent, which may put many millions of users of the application at risk of serious compromise.
A new report from the Citizen Lab reveals that Baidu Browser, a popular mobile browser based in China and used by millions of people, has numerous privacy and security issues that could put users’ communications at risk.
This report describes privacy and security issues with Baidu Browser, a web browser for the Windows and Android platforms. Our research shows that the application transmits personal user data to Baidu servers without encryption and with easily decryptable encryption, and is vulnerable to arbitrary code execution during software updates via man-in-the-middle attacks. Much of the data leakage is the result of a shared Baidu software development kit, which affects hundreds of additional applications.