Research and Publications

Below are a selection of research reports and publications which I have authored or contributed to.

Research#

2023#

Global Surveillance: The Secretive Swiss Dealer Enabling Israeli Spy Firms - Supported investigation into a key enabler of the global SS7 surveillance industry, Haaretz and Der Spiegel, May 2023

In-the-wild iPhone zero-day chain fixed - Uncovered (with Google TAG) an iPhone zero-day browser exploit used by a mercenary spyware company, resulting in an emergency update for all iPhone users (CVE-2023-28205, CVE-2023-28206), Amnesty International, April 2023

Amnesty International uncovers new hacking campaign linked to mercenary spyware company - Uncovered (with Google TAG) a zero-day exploit chain and spyware linked to a mercenary spyware company targeting Android users (CVE-2022-4262, CVE-2023-0266), Amnesty International, March 2023

“Team Jorge”: In the heart of a global disinformation machine - Provided technical and investigative expertise to major investigation into the hack-for-hire and disinformation industry, Forbidden Stories consortium, February 2023

2022#

Iran: State-Backed Hacking of Activists, Journalists, Politicians - Joint investigation between Human Rights Watch and the Amnesty International Security Lab, December 2022

Exploit archaeology: a forensic history of in-the-wild NSO Group exploits - Donncha Ó Cearbhaill and Bill Marczak, September 2022

Morocco/Western Sahara: Activist targeted with Pegasus spyware in recent months - Amnesty International, March 2022

Bahrain: Devices of three activists hacked with Pegasus spyware - Amnesty International, February 2022

Poland: Use of Pegasus spyware to hack politicians highlights threat to civil society - Amnesty International, January 2022

El Salvador: Amnesty International verifies use of Pegasus spyware for surveillance of journalists - Amnesty International, January 2022

2021#

Kazakhstan: Four activists’ mobile devices infected with Pegasus Spyware - Amnesty International, December 2021

Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware - Amnesty International, November 2021

Hackers-for-hire in West Africa: Activist in Togo attacked with Indian-made spyware - Amnesty International, September 2021

Forensic Methodology Report: How to catch NSO Group's Pegasus - Amnesty International, July 2021

2020#

German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed - Amnesty International, September 2020

Moroccan Journalist Targeted With Network Injection Attacks Using NSO Group's Tools - Amnesty International, June 2020

India: Human Rights Defenders Targeted by a Coordinated Spyware Operation, Amnesty International and the Citizen Lab, June 2020

Bahrain, Kuwait and Norway contact tracing apps among most dangerous for privacy - Amnesty International, June 2020

Qatar: Contact tracing app security flaw exposed sensitive personal details of more than one million - Amnesty International, May 2020

Targeted Surveillance Attacks in Uzbekistan: An Old Threat with New Techniques - Amnesty International, March 2020

2019#

Morocco: Human Rights Defenders Targeted with NSO Group's Spyware - Amnesty International, October 2019

Evolving Phishing Attacks Targeting Journalists and Human Rights Defenders from the Middle-East and North Africa - Amnesty International, August 2019

Exodus: New Android Spyware Made in Italy - Security Without Borders, March 2019

Phishing attacks using third-party applications against Egyptian civil society organizations - Amnesty International, March 2019

2018 and earlier#

When Best Practice Isn't Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users - Amnesty International, December 2018

Amnesty International Among Targets of NSO-Powered Campaign - Amnesty International, August 2018

Human Rights Under Surveillance - Digital Threats Against Human Rights Defenders in Pakistan - Amnesty International, May 2018

Reliably compromising Ubuntu desktops by attacking the crash reporter - Personal research which uncovered exploitable remote code execution vulnerabilities in the default Ubuntu installation (CVE-2016-9949, CVE-2016-9950, CVE-2016-9951), Donncha O Cearbhaill, December 2016

Adios Hola: A critical analysis of security and privacy risks harms from a “community-powered” VPN - Adios Hola collaborators, May 2015

Synthesis and Evaluation of Removable Acyl Transfer Auxiliaries for Extended Chemical Ligation - Final year thesis for bachelor’s degree in Medicinal Chemistry, May 2015.