Welcome to the VB2021 conference!

arrow left Back

Hackers-for-hire in West Africa: a threat actor spreads its wings

17:00 - 17:30 UTC Thu 7 Oct 2021
Donncha Ó Cearbhaill (Amnesty International)
How are activists targeted for surveillance in 2021? Top-tier cyber surveillance vendors selling 0-days are a major problem. However, many under-resourced activists are still at risk from a less-sophisticated tier of persistent attackers.

In this talk we will share a case study of one such attack campaign targeting activists in West Africa. We will describe the attacks and document the custom malware tools and techniques they are using to gain access to their targets.

Our investigation has allowed us to attribute this new malware campaign to a known APT group that has traditionally been active in Asia. We will show how a series of OPSEC failures allowed us to link this APT group campaign back to a commercial cybersecurity company in Asia. We believe this company is the hacker-for-hire group responsible for these attacks.

Got a question about this presentation? During the live broadcast post your question in the #q-and-a channel on Discord or, to get in touch with the speaker later, contact Donncha on Keybase at @DonnchaC or on Twitter at @DonnchaC.
Donncha Ó Cearbhaill
Amnesty International

Donncha is a researcher and technologist at Amnesty International. Based out of Amnesty's Digital Security Lab in Berlin, his primary focus is on investigating and exposing targeted surveillance against activists and human rights defenders. Before joining Amnesty he worked on Deflect.ca, a free DDoS mitigation solution for civil society and independent media organisations.