Tracing Mobile Chinese Surveillance Operations from Acquisition to Attribution
Kristina Balaam, Alemdar Islamoglu
Lookout, Inc. | Confidential and Proprietary

Who We Are

Alemdar Islamoglu, Senior Staff Security Intelligence Researcher
Focuses on mobile APT activity from North Korea and the Middle East.
Recent public work: Hermit, BouldSpy and GuardZoo
Extensive experience in reverse engineering, penetration testing, and security software development.
https:/

Kristina Balaam, Senior Staff Security Intelligence Researcher
Primarily focuses on campaigns initiated by Chinese threat actors.
Recent reporting: DragonEgg/WyrmSpy, MOONSHINE & Android BadBazaar
Passion for uncovering threats that target marginalized populations within mainland China and abroad.
https:/

Chinese Mobile Surveillance Landscape
EagleMsgSpy: A Lawful Intercept Tool
Bypassing packers
Attributing EagleMsgSpy
Connections to Public Security Bureaus

The Mobile Chinese Surveillance Landscape

Calls for Proposal (CFPs): Local governments publish calls for proposal to purchase Evidence Collection System or Forensic tools.
Private Contractors: Legitimate software development companies with small teams (orgs with 50 employees)
"Five Poisons" Targeting: Pro-democracy supporters, proponents of Taiwan's independence, Tibetan and Uyghur separatists and Falun Gong practitioners.