Hackers-for-hire in West Africa: a threat actor spreads its wings

Wednesday 30 September 14:30 - 15:00, Green room

Donncha Ó Cearbhaill (Amnesty International)

How are activists targeted for surveillance in 2020? Top-tier cyber surveillance vendors selling 0-days are a major problem. However, many under-resourced activists are still at risk from a less-sophisticated tier of persistent attackers.

In this talk we will share a case study of one such attack campaign targeting activists in West Africa. We will describe the attacks and document the custom malware tools and techniques they are using to gain access to their targets.

Our investigation has allowed us to attribute this new malware campaign to a known APT group that has traditionally been active in Asia. We will show how a series of OPSEC failures allowed us to link this APT group campaign back to a commercial cybersecurity company in Asia. We believe this company is the hacker-for-hire group responsible for these attacks.



Donncha Ó Cearbhaill

Donncha is a researcher and technologist at Amnesty International. Based out of Amnesty's Digital Security Lab in Berlin, his primary focus is on investigating and exposing targeted surveillance against activists and human rights defenders. Before joining Amnesty he worked on Deflect.ca, a free DDoS mitigation solution for civil society and independent media organisations.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.