Stealth Falcon

Stealth Falcon is a cybercrime group affiliated with the United Arab Emirates (UAE) and associated with Project Raven. [1]

The nickname "Stealth Falcon" was given to the group by Citizen Lab. [2]

The group is known for spear-phishing attacks against journalists and human rights activists. [3] [4] Its attack vectors include PowerShell macros, URL shorteners, and social engineering. [2] [5] [6] [3] [7]
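The macro-to-PowerShell chain named above leaves a recognisable trace in endpoint telemetry: an Office application becomes the parent of a script host. The following detection rule is an added example, not code from the cited reports or from any vendor; it runs over constructed, pipe-delimited process-creation records modelled loosely on Sysmon event 1 fields (Host, ParentImage, Image, CommandLine are the assumed field names), flags Office-spawned script hosts, and raises severity when the command line carries hidden-window, no-profile, encoded-command or download-and-evaluate arguments.

```python
"""Flag Office applications spawning a script host in process-creation
telemetry, the child-process chain a malicious macro produces when it
launches PowerShell. All sample events below are constructed, not real logs."""
import re
from dataclasses import dataclass
from typing import Optional

# Office binaries a macro executes inside (assumed standard image names).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Script and command hosts a macro typically hands off to.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"}
# Argument idioms that raise severity: encoded command, hidden window,
# no profile, or download-and-evaluate.
SUSPICIOUS_ARGS = re.compile(
    r"-enc(odedcommand)?\b|-w(indowstyle)?\s+hidden|-nop(rofile)?\b"
    r"|downloadstring|invoke-expression|\biex\b",
    re.IGNORECASE,
)


@dataclass
class ProcessEvent:
    host: str
    parent_image: str
    image: str
    command_line: str


def parse_event(line: str) -> ProcessEvent:
    """Parse one pipe-delimited Key=Value record (constructed log format)."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return ProcessEvent(
        host=fields["Host"],
        parent_image=fields["ParentImage"],
        image=fields["Image"],
        command_line=fields.get("CommandLine", ""),
    )


def image_name(path: str) -> str:
    """Return the lowercase file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def classify(event: ProcessEvent) -> Optional[dict]:
    """Return a finding for an Office -> script host chain, else None."""
    parent, child = image_name(event.parent_image), image_name(event.image)
    if parent not in OFFICE_PARENTS or child not in SCRIPT_HOSTS:
        return None
    severity = "high" if SUSPICIOUS_ARGS.search(event.command_line) else "medium"
    return {"host": event.host, "parent": parent, "child": child,
            "severity": severity, "command_line": event.command_line}


def scan(lines) -> list:
    """Run the rule over an iterable of log lines and collect findings."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        finding = classify(parse_event(line))
        if finding:
            findings.append(finding)
    return findings


# Constructed sample telemetry; hosts, paths and arguments are invented.
SAMPLE_LOG = [
    r"Host=WS01|ParentImage=C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
    r"|Image=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
    r"|CommandLine=powershell.exe -NoP -W Hidden -Enc QUJD",
    r"Host=WS01|ParentImage=C:\Windows\explorer.exe"
    r"|Image=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
    r"|CommandLine=powershell.exe Get-Process",
    r"Host=WS02|ParentImage=C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"
    r"|Image=C:\Windows\System32\cmd.exe|CommandLine=cmd.exe /c dir",
    r"Host=WS02|ParentImage=C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE"
    r"|Image=C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
    r"|CommandLine=WINWORD.EXE /n invoice.docx",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"[{f['severity']}] {f['host']}: {f['parent']} -> {f['child']}: "
              f"{f['command_line']}")
```

Matching on the parent image rather than on PowerShell alone is the point: an interactively launched shell (second record) is normal, while Outlook opening Word (fourth record) is also normal, so only the first and third records produce findings. Tuning for a real estate means adding the organisation's own Office image paths and any legitimate macro automation to an allow list before the rule is promoted to alerting.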

References

  1. "Group: Stealth Falcon". MITRE ATT&CK. attack.mitre.org.
  2. Marczak, Bill; Scott-Railton, John (29 May 2016). "Keep Calm and (Don't) Enable Macros: A New Threat Actor Targets UAE Dissidents". The Citizen Lab.
  3. Taherian, Ali (7 June 2016). "Stealth Falcon spyware used on UAE critics". SC Magazine UK (scmagazineuk.com).
  4. Bisson, David (1 June 2016). "Stealth Falcon spyware targeting UAE critics, say researchers". Graham Cluley.
  5. Marczak, Bill (29 May 2016). "Keep Calm and (Don't) Enable Macros: Appendices". The Citizen Lab.
  6. Smith, Ms. (30 May 2016). "Stealth Falcon group uses custom spyware, fake journalists to target UAE dissidents". CSO Online.
  7. Kovacs, Eduard (31 May 2016). "'Stealth Falcon' Threat Group Targets UAE Dissidents". SecurityWeek (www.securityweek.com).