A new research report from Citizen Lab painstakingly traces the origins of a series of sophisticated hacking attacks launched at Rori Donaghy, a UK journalist for Middle East Eye who founded the Emirates Center for Human Rights, which reports critically on the autocratic regime that runs the UAE, and at 27 other targets.
The researchers present strong circumstantial evidence suggesting that the UAE government launched these attacks.
Stealth Falcon’s technical approach may not be cutting edge, but the operators are neither unsophisticated nor ineffective. Analyzed holistically as an operation, Stealth Falcon is a logical and multi-pronged approach to compromising and unmasking a class of targets. Stealth Falcon’s campaign highlights the power of social engineering, once a technical bar has been met, in conducting a large scale campaign.
Contemporary social movements and civil society groups rely heavily on the internet for both their core operations, as well as advocacy activities. Yet these groups are often operating outside a centrally managed IT environment. The constant sharing of links and materials, as well as regular communications with journalists makes them especially vulnerable to targeting with social engineering.
However, the emphasis on social engineering can also cut in the other direction. Many modern attack techniques require an attacker to interact with a target. When operators like Stealth Falcon send malicious e-mails and tweets, there are a range of opportunities for retrospective investigation. As this report shows, the inboxes of targets, for example, are often a more efficient object of investigation than computers themselves, especially once features of a particular campaign are recognized.
Keep Calm and (Don’t) Enable Macros: A New Threat Actor Targets UAE Dissidents
[Bill Marczak and John Scott-Railton/Citizen Lab]