Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] New Citizen Lab report

Ronald Deibert r.deibert at
Thu Oct 15 05:36:16 PDT 2015

Dear Libtech

The Citizen Lab has published a new report this morning, called "Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation."  The research is a continuation of several prior reports of ours that attempt to map the infrastructure of FinFisher, a notorious purveyor of commercial spyware which we have found linked to countries with poor human rights records. 

Although marketed as a tool for fighting crime, the spyware has been involved in a number of high-profile surveillance abuses.  Between 2010 and 2012, Bahrain’s government used FinFisher to monitor some of the country’s top law firms, journalists, activists, and opposition political leaders.  Ethiopian dissidents in exile in the United Kingdom and the United States have also been infected with FinFisher spyware.

In our new report, we devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers.  Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher.  In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources.  Our results indicate 32 countries where at least one government entity is likely using the spyware suite, and we are further able to identify 10 entities by name. 

Here is a link to the map of the country findings:

Our full report is here:
Authors: Bill Marczak, John Scott-Railton, Adam Senft, Irene Poetranto, and Sarah McKune

Associated Press:


All the best,

Ronald Deibert
Director, the Citizen Lab 
Munk School of Global Affairs
University of Toronto
(416) 946-8916
r.deibert at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list