How are activists targeted for surveillance in 2021? Top-tier cyber surveillance vendors selling 0-days are a major problem. However, many under-resourced activists are still at risk from a less-sophisticated tier of persistent attackers.

In this talk we will share a case study of one such attack campaign targeting activists in West Africa. We will describe the attacks and document the custom malware tools and techniques they are using to gain access to their targets.

Our investigation has allowed us to attribute this new malware campaign to a known APT group that has traditionally been active in Asia. We will show how a series of OPSEC failures allowed us to link this APT group campaign back to a commercial cybersecurity company in Asia. We believe this company is the hacker-for-hire group responsible for these attacks.

Got a question about this presentation? During the live broadcast post your question in the #q-and-a channel on Discord or, to get in touch with the speaker later, contact Donncha on Keybase at @DonnchaC or on Twitter at @DonnchaC.