لعبة الغمّيضة: تتبع عمليات برنامج بيغاسوس من شركة NSO في 45 دولة
عَمِلنا في هذا البحث على تطوير تقنيات جديدة لمسح الإنترنت لتحديد 45 بلداً قد يقوم فيها مشغلو برامج التجسس بيغاسوس من شركة NSO بإجراء عمليات تجسس.
John Scott-Railton
John Scott-Railton is a Senior Researcher at Citizen Lab. He investigates threats to a free and secure internet. He focuses on: -Abuses of government-exclusive spyware -Online disinformation operations -State-sponsored cyber militias He can be reached at jsr [at] citizenlab.ca
Articles
HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.
Familiar Feeling: A Malware Campaign Targeting the Tibetan Diaspora Resurfaces
Investigation of a malware campaign targeting the Tibetan community and discussion of the challenges in analyzing closed espionage ecosystems.
NSO Group Infrastructure Linked to Targeting of Amnesty International and Saudi Dissident
Citizen Lab validates Amnesty International investigation showing targeting of staff member and Saudi activist with NSO Group’s technology.
BAD TRAFFIC: Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?
This report describes our investigation into the apparent use of Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver nation-state malware in Turkey and indirectly into Syria, and to covertly raise money through affiliate ads and cryptocurrency mining in Egypt.
KÖTÜ TRAFİK: Sandvine’ın PacketLogic Cihazları Türkiye’de Hükümetin Casus Program Kullanmasına, Mısır’da ise Kullanıcıları Bağlantılı Reklamlara Yönlendirmeye mi Yarıyor?
Bu rapor, Sandvine/Procera Networks Derin Veri Analizi (DPI) cihazlarının, Türkiye’de ve dolaylı olarak Suriye’de devlet menşeili kötücül yazılım yaymak; Mısır’da ise reklam ve kripto para madenciliği marifetiyle gizlice para toplamak için kullanımına yönelik araştırmamızı anlatmaktadır.
أزمة مرورية: أجهزة ساندفين باكيت لوجيك استُخدمت لنشر برامج التجسس الحكومية في تركيا وإعادة توجيه المستخدمين المصريين إلى الإعلانات التابعة لها؟
يشرح هذا التقرير تحقيقنا عن استخدام واضح لأجهزة فحص عميق للحزم (DPI) من شركة ساندفين\بروكيرا لنشر البرامج الضارة في تركيا وبشكل غير مباشر إلى سوريا، وجمع الأموال سرا من خلال الإعلانات التابعة لتعدين العملات الرقمية في مصر.
Spying on a Budget: Inside a Phishing Operation with Targets in the Tibetan Community
This report describes an inexpensive and technically simple phishing operation. It shows that the continued low adoption rates for digital security features, such as two factor authentication, contribute to the low bar to entry for digital espionage.
Fit Leaking: Citizen Lab Research on Fitness Tracker Privacy
The post covers several categories of information that can be gleaned from examining Strava’s fitness tracker data, ranging from enabling the identification of secret military facilities in “dark areas” to specific identifiable behaviour patterns of at-risk individuals.
Commercial Spyware: The Multibillion Dollar Industry Built on an Ethical and Legal Quagmire
Ethiopian’s penchant for commercial spyware is notorious, as is its pattern of digital espionage against journalists, activists, and other entities—many of which are based overseas—that seek to promote government accountability and are therefore viewed as political threats. Yet the Ethiopian government and others like it have faced little pressure to cease this particular strain of digital targeting.
