Tag Archives: Syria

Group5: Syria and the Iranian Connection

This report describes a malware operation against the Syrian Opposition. We name the operator Group5, and suspect they have not been previously-reported. Group5 used “just enough” technical sophistication, combined with social engineering, to target computers and mobile phones with malware.

Morgan Marquis-Boire profiled by CNN

Citizen Lab Senior Security Researcher Morgan Marquis-Boire was interviewed by CNN.

Citizen Lab research on Syrian Electronic Army in Politico

Citizen Lab’s Research Fellow John Scott-Railton spoke to Politico regarding the Syrian Electronic Army, a group of hackers in support of Bashar Al-Assad’s government. An article by Business Insider also featured Citizen Lab research into ISIS malware attacks.

Forbes on Citizen Lab’s Syria research

An article by Forbes magazine discusses FireEye’s recent report on Syria, authored by Daniel Regalado, Citizen Lab Technical Advisory Board member Nart Villeneuve, and Citizen Lab Research Fellow John Scott Railton.

John Scott-Railton on the Syrian conflict

Citizen Lab Research Fellow John Scott-Railton is one of the authors of a report entitled “Behind the Syrian Conflict’s Digital Frontlines,” released today by FireEye, that documents a hacking operation that successfully breached the Syrian opposition.

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.

Helmi Noman interviewed for piece on Syrian Electronic Army

Citizen Lab Senior Researcher Helmi Noman was interviewed by the International Business Times regarding the Syrian Electronic Army (SEA), and its attack of several international news sites. The SEA is a group of hackers in support of Syrian President Bashar-al-Assad’s regime, known to target opposition political group.

Citizen Lab research on Blue Coat cited in article on censorship in Syria

An article on The Conversation references Citizen Lab reports, which documents the use of US-based Blue Coat Systems’ products by authoritarian regimes in Syria, Saudi Arabia, UAE, Qatar, Yemen, Egypt and Kuwait.

Maliciously Repackaged Psiphon Found

In the past 24 hours The Citizen Lab has identified a maliciously repackaged copy of the popular circumvention software Psiphon 3. This post describes the malware and outlines steps to be taken.

Morgan Marquis-Boire on NPR

In “In Syria, Conflict In Cyberspace Complements Ground War”, Marquis-Boire spoke to Robert Siegel about the digital dimension of the Syrian conflict.