State-Sponsored Malware

Malware, short for “malicious software,” is software that is used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. The vast majority of malware is criminal, aimed at obtaining banking information or login credentials for email or social media accounts. But malware is also used by state actors. State intelligence agencies use malware to carry out covert actions against other states’ computer systems, such as Flame and Stuxnet. States and state-supporting actors also use malware to spy on activists, journalists, and dissidents.

Since March 2012, EFF has been collecting and analyzing malware deployed by pro-Syrian-government hackers that targets supporters of the Syrian opposition, covertly installs surveillance tools on their computers, and collects keystrokes, passwords, and screenshots. Our analysis has identified two distinct groups that have carried out prolonged phishing and malware campaigns using cheap or free Remote Access Tools, such as Black Shades Remote Controller and Dark Comet RAT. To date, EFF has reported on more than a dozen distinct attacks, which we have translated into Arabic in order to alert the Syrian community.

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Come ask us questions and upvote our reddit AMA on how Fast Track and TPP threaten users and the public interest: https://eff.org/r.j5f0

Apr 27 @ 12:03pm

EFF has deployed a new SSL certificate signed with SHA-2 for long-term security. https://eff.org/crt2015

Apr 27 @ 11:53am

We're doing a reddit AMA in an hour on the threats of TPP and Fast Track. Join us and 3 other public interest groups https://eff.org/r.ispe

Apr 27 @ 11:20am
JavaScript license information