Malpedia Library

Click here to download all references as Bib-File.•

2023-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert
Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

2023-04-11 ⋅ CitizenLab ⋅ Astrid Perry, Bahr Abdul Razzak, Bill Marczak, Emma Lyon, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis, Zoe Panday
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers
Carmine Tsunami

2022-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, Elies Campo, Gözde Böcü, John Scott-Railton, Ron Deibert, Salvatore Solimano, Siena Anstis
CatalanGate Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru
Chrysaor Caramel Tsunami

2022-04-05 ⋅ CitizenLab ⋅ Bill Marczak, CitizenLab, Front Line Defenders, Mohammed Al-Maskati, Ron Deibert, Siena Anstis
Peace through Pegasus Jordanian Human Rights Defenders and Journalists Hacked with Pegasus Spyware
Chrysaor

2021-12-16 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware
Chrysaor Caramel Tsunami

2021-11-08 ⋅ CitizenLab ⋅ CitizenLab
Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware
Chrysaor

2021-10-24 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Breaking the News New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts
Chrysaor

2021-09-13 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
FORCEDENTRY NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860)

2021-08-24 ⋅ CitizenLab ⋅ Ali Abdulemam, Bill Marczak, John Scott-Railton, Kristin Berdan, Noura Al-Jizawi, Ron Deibert, Siena Anstis
From Pearl to Pegasus Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits
Chrysaor

2021-07-18 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Independent Peer Review of Amnesty International’s Forensic Methods for Identifying Pegasus Spyware
Chrysaor

2021-07-15 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot

2020-12-20 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis
The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Chrysaor

2020-12-01 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Ron Deibert, Siddharth Prakash Rao, Siena Anstis
Running in Circles Uncovering the Clients of Cyberespionage Firm Circles

2020-06-09 ⋅ Github (citizenlab) ⋅ CitizenLab
Dark Basin Indicators of Compromise
Dark Basin

2020-06-09 ⋅ CitizenLab ⋅ Adam Hulcoop, Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Siena Anstis
Dark Basin Uncovering a Massive Hack-For-Hire Operation
Dark Basin

2020-05-07 ⋅ The Citizenlab ⋅ Christopher Parsons, Jedidiah Crandall, Jeffrey Knockel, Lotus Ruan, Ron Deibert, Ruohan Xiong
We Chat, They Watch: How International Users Unwittingly Build up WeChat’s Chinese Censorship Apparatus

2020-01-28 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton, Masashi Crete-Nishihata, Ron Deibert, Siena Anstis
Stopping the Press: New York Times Journalist Targeted by Saudi-linked Pegasus Spyware Operator
Chrysaor

2018-09-18 ⋅ The Citizenlab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert, Sarah McKune
Hide and Seek: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
Chrysaor

2016-11-17 ⋅ CitizenLab ⋅ Adam Hulcoop, Etienne Maynier, John Scott-Railton, Masashi Crete-Nishihata, Matt Brooks
It’s Parliamentary - KeyBoy and the targeting of the Tibetan Community
KeyBoy

2016-05-29 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton
Keep Calm and (Don’t) Enable Macros: A New Threat Actor Targets UAE Dissidents
Stealth Falcon

2015-12-08 ⋅ The Citizenlab ⋅ Claudio Guarnieri, John Scott-Railton, Marion Marschalek, Morgan Marquis-Boire
Packrat: Seven Years of a South American Threat Actor
AdWind Adzok CyberGate Xtreme RAT Packrat

2015-08-27 ⋅ CitizenLab ⋅ John Scott-Railton, Katie Kleemola
London Calling: Two-Factor Authentication Phishing From Iran
Rocket Kitten

2013-08-02 ⋅ CitizenLab ⋅ Katie Kleemola, Seth Hardy
Surtr Malware Family Targeting the Tibetan Community
surtr

2010-04-06 ⋅ CitizenLab ⋅ CitizenLab, Information Warfare Monitor, Shadowserver Foundation
SHADOWS IN THE CLOUD: Investigating Cyber Espionage 2.0
Shadow Network