Happy Holidays LibTech
I wanted to draw your attention to a report released today on malware attacks
in Syria:Quantum of Surveillance: Familiar Actors and Possible False Flags in
Syrian Malware Campaigns.
High profile hacking by the Syrian Electronic Army (SEA) against Western media
outlets has put the digital angle of the Syrian Civil War on the map. Yet,
further from the public eye another campaign has been taking place. For more
than 2 years the Syrian opposition has been targeted with a range of electronic
attacks aimed at stealing secrets, and frustrating their objectives. Many
targets are dissidents or fighters, but others are humanitarians, journalists,
and others touched by the conflict. Unlike the high profile defacements of the
SEA, these compromises are rarely publicized by the attackers, although the
malware has sometimes attracted considerable attention by security researchers
and activists.
The fight in cyberspace often mirrors the geopolitics of Syria’s civil war.
For example, malware attacks appear to have gone quiet in the period when a
military intervention seemed imminent, only to pick up when the possibility
seemed to fade. Similarly, just as news from Syria can be murky and distorted
with misinformation, false flag malware may be showing up online, too.
The latest iteration of these campaigns is tracked in a White Paper released
jointly by Citizen Lab, Munk School of Global Affairs, University of Toronto
and the Electronic Frontier Foundation (EFF) by Morgan Marquis-Boire (Security
Researcher, Citizen Lab), John Scott-Railton (Research Fellow, Citizen Lab),
and Eva Galperin (Global Policy Analyst, EFF). The report builds on extensive
previous research and writings by EFF and Citizen Lab to update what we know
about malware campaigns targeting the Syrian opposition.
Highlights include:
• New malware attacks using Skype, Gmail, Dropbox, and Facebook
• Updates on social engineering practices
• The use of njRAT attacks in Syria, the first time it has been publicly
reported in this conflict
• A Potential False Flag malware attack with a Mac OS X Trojan (First
identified by researchers at Intego)
• Intriguing clues about the identity and practices of one of the malware
creators
Citizen Lab post:https://citizenlab.org/2013/12/syrian-malware-campaigns/
Direct link to report
PDF:https://www.eff.org/document/quantum-surveillance-familiar-actors-and-possible-false-flags-syrian-malware-campaigns
Sent from my iPhone--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
[email protected].
