Hackers-for-hire in West Africa: a threat actor spreads its wings

Wednesday 30 September 14:30 - 15:00, Green room

Donncha Ó Cearbhaill (Amnesty International)



How are activists targeted for surveillance in 2020? Top-tier cyber surveillance vendors selling 0-days are a major problem. However, many under-resourced activists are still at risk from a less-sophisticated tier of persistent attackers.

In this talk we will share a case study of one such attack campaign targeting activists in West Africa. We will describe the attacks and document the custom malware tools and techniques they are using to gain access to their targets.

Our investigation has allowed us to attribute this new malware campaign to a known APT group that has traditionally been active in Asia. We will show how a series of OPSEC failures allowed us to link this APT group campaign back to a commercial cybersecurity company in Asia. We believe this company is the hacker-for-hire group responsible for these attacks.

 

 

Donncha Ó Cearbhaill

Donncha is a researcher and technologist at Amnesty International. Based out of Amnesty's Digital Security Lab in Berlin, his primary focus is on investigating and exposing targeted surveillance against activists and human rights defenders. Before joining Amnesty he worked on Deflect.ca, a free DDoS mitigation solution for civil society and independent media organisations.


