Investigating politically motivated malware attacks since 2008

MalwareLab aims to contribute to the improvement of civil society information security by:

  • offering NGOs, journalists, and non-profit organizations timely analysis of malware samples. You can submit a malware support request or send us an email at support@malwarelab.zendesk.com with the suspicious files attached. We will send you a report describing the behaviour of the file, including the nature of the threat, and who is targeting you or your organization.

  • providing civil society, policy makers and the public with an accurate analysis of politically motivated malware attacks through the fusion of technical data and socio-political context.

  • enabling a community of researchers from diverse backgrounds to contribute to a repository of malware data, develop methods and tools for malware investigations and collaborate on collection, analysis and reporting.

    About Us

    MalwareLab is an independent research collective comprised of analysts, volunteers, and trainees that investigate and report on politically motivated malware attacks, primarily against civil society organizations that work on China or Tibet issues. MalwareLab combines technical data with socio-political contextual analysis in order to better understand the capabilities and motivations of the attackers as well as the overall effects and broader implications of targeted attacks.

    Our mission is to accurately document and analyze politically motivated malware attacks in order to raise public awareness, inform policy makers and contribute to the improvement of information security in the civil society sector.

    MalwareLab is partnered with The SecDev Group, an operational consultancy focused on countries and regions at risk from violence and insecurity.

    Stay updated with announcements, get answers from the community and share your feedback and suggestions with us.

    You can also submit a request or send us an email at support@malwarelab.zendesk.com with suspicious files attached.


    MalwareLab

    Greg Walton March 30, 2013 Tibet & China Malware News

    New York Times hacking revelations shed new light on China cybercrime

    Experts suggest that Chinese government routinely employs 'vast army of hackers' to carry out covert spying campaigns

     

     

    "According to the UK-based cyber-security researcher Greg Walton, western experts know a fair amount about Chinese hackers' methods – their "tools, techniques and procedures," in information technology parlance. "But we know very little about the people behind these machines," he said. "If we want to tackle a problem of such complexity, and of such danger to civil society networks transnationally, we're going to have to do a tremendous amount of research into the people behind these programs."

    Greg Walton March 30, 2013 Tibet & China Malware News

    Tibetan and Uyghur activists targeted with Android malware

    Hmm ... who'd want to do that?


    Researchers at Kaspersky Lab are reporting that Tibetan activists are being hit by a highly targeted form of Android malware that seeks to record their contacts, call logs, SMS messages, geolocation, and phone data.

    Greg Walton March 30, 2013 Tibet & China Malware News

    The trouble began even before the American filmmakers set foot in the Tibetan region of China.

    Greg Walton February 15, 2013 Journalist I.T. Security Resources

    New York Times hacking revelations shed new light on China cybercrime

    Experts suggest that Chinese government routinely employs 'vast army of hackers' to carry out covert spying campaigns

     

     

    According to the UK-based cyber-security researcher Greg Walton, western experts know a fair amount about Chinese hackers' methods – their "tools, techniques and procedures," in information technology parlance. "But we know very little about the people behind these machines," he said. "If we want to tackle a problem of such complexity, and of such danger to civil society networks transnationally, we're going to have to do a tremendous amount of research into the people behind these programs."

    Greg Walton February 15, 2013 Journalist I.T. Security Resources

    Chinese 'hacked into computers' at New York Times during investigation into premier Wen Jiabao's $2 billion fortune

    • The paper claims that hackers were looking for files from its investigation into Mr Wen's family wealth
    • Security breaches of the paper's computers are said to have begun when it began its investigation last September

    By Steve Nolan


    Greg Walton, a cyber-security researcher who has tracked Chinese hacking campaigns, said: 'Attacks on journalists based in China are increasingly aggressive, disruptive and sophisticated.'

    Executives had become concerned about security when Chinese officials warned them of unspecified consequences before they published their investigation into Wen Jiabao on October 25.

    The company that monitors its computer systems then confirmed activity consistent with hacking.