Tag Archives: Malware

Citizen Lab research on Syrian Electronic Army in Politico

Citizen Lab’s Research Fellow John Scott-Railton spoke to Politico regarding the Syrian Electronic Army, a group of hackers in support of Bashar Al-Assad’s government. An article by Business Insider also featured Citizen Lab research into ISIS malware attacks.

Morgan Marquis-Boire on Babar and Casper malware

Citizen Lab Senior Security Researcher Morgan Marquis-Boire contributed to research related to Babar, a piece of malware believed to have been produced by the French government. The software is capable of eavesdropping on online conversations, such as those held on Skype, MSN, and Yahoo Messenger.

Forbes on Citizen Lab’s Syria research

An article by Forbes magazine discusses FireEye’s recent report on Syria, authored by Daniel Regalado, Citizen Lab Technical Advisory Board member Nart Villeneuve, and Citizen Lab Research Fellow John Scott Railton.

John Scott-Railton on the Syrian conflict

Citizen Lab Research Fellow John Scott-Railton is one of the authors of a report entitled “Behind the Syrian Conflict’s Digital Frontlines,” released today by FireEye, that documents a hacking operation that successfully breached the Syrian opposition.

Ron Deibert in “After Snowden” – LSE IDEAS public discussion

January 20, 2015 – London, UK

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

Canadian Cyberbullying Legislation Threatens to Further Legitimize Malware Sales

By getting into the malware business the federal and potentially provincial governments of Canada would be confronted with an ongoing reality: is the role of government to maximally protect its citizens, including from criminals leveraging vulnerabilities to spy on Canadians, or is it to partially protect citizens so long as such protections do not weaken the state’s ability to secure itself from persons suspected of violating any Act of Parliament?

Maliciously Repackaged Psiphon Found

In the past 24 hours The Citizen Lab has identified a maliciously repackaged copy of the popular circumvention software Psiphon 3. This post describes the malware and outlines steps to be taken.

Quantum of Surveillance: Familiar Actors and Possible False Flags in Syrian Malware Campaigns

In this report, Citizen Lab researchers Morgan Marquis-Boire and John Scott-Railton and EFF Global Policy Analyst Eva Galperin outline how pro-government attackers have targeted the Syrian opposition, as well as NGO workers and journalists, with social engineering and “Remote Access Tools” (RAT)

Targeted Threat Index

The Targeted Threat Index is a metric for assigning an overall threat ranking score to email messages that deliver malware to a victim’s computer. The TTI metric was first introduced at SecTor 2013 as part of the talk “RATastrophe: Monitoring a Malware Menagerie” by Katie Kleemola, Seth Hardy, and Greg Wiseman.