▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄
▐ ▌▐ ▌▐ ▌▐ ▌▐ ▌▐ ▌▐ ▌
▐ █▀▀▀▀▀▀▀▀▀ ▐ █▀▀▀▀▀▀▀█ ▌▐ █▀▀▀▀▀▀▀█ ▌▐ █▀▀▀▀▀▀▀█ ▌▐ █▀▀▀▀▀▀▀▀▀ ▐ █▀▀▀▀▀▀▀█ ▌▐ █▀▀▀▀▀▀▀█ ▌
▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌
▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ █▄▄▄▄▄▄▄█ ▌▐ █▄▄▄▄▄▄▄▄▄ ▐ █▄▄▄▄▄▄▄█ ▌▐ ▌ ▐ ▌
█▀▀▀▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ ▌▐ ▌▐ ▌▐ ▌ ▐ ▌ ▀▀▀█
▌ ▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ █▀▀▀▀▀▀▀▀▀ ▐ █▀▀▀▀▀▀▀▀▀ ▐ █▀▀▀▀█ █▀▀ ▐ █▄▄▄▄▄▄▄█ ▌ ▐
▌ ▐ ▌ ▐ ▌ ▐ ▌▐ ▌ ▐ ▌▐ ▌ ▐ ▌ ▐ ▌ ▐ ▌ ▐ ▌ ▐
▌ ▐ █▄▄▄▄▄▄▄▄▄ ▐ █▄▄▄▄▄▄▄█ ▌▐ █▄▄▄▄▄▄▄█ ▌▐ ▌ ▐ █▄▄▄▄▄▄▄▄▄ ▐ ▌ ▐ ▌ ▀▀▀▀▀▀█ █▀▀ ▐
▌ ▐ ▌▐ ▌▐ ▌▐ ▌ ▐ ▌▐ ▌ ▐ ▌ ▐ ▌ ▐
▌ ▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ ▀ ▀▀▀▀▀▀▀▀▀▀▀ ▀ ▀ ▀ ▐
▌ ▐
▌ A security researcher and public interest technologist working with at risk people. ▐
▌ ▐
▌ Bluesky | Mastodon | Github | Email cooperq at cooperq dot com ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
▌ ▐
▌ -=BIO=- ▐
▌ ▐
▌ Cooper is a security researcher and Senior Staff Technologist with the EFF Threat Lab. He ▐
▌ has worked on projects including Privacy Badger, Canary Watch, and analysis of state sponsored ▐
▌ malware campaigns such as Dark Caracal. He has also given security trainings for activists, ▐
▌ non profit workers, and vulnerable populations around the world. ▐
▌ ▐
▌ Cooper has given talks about security research at prestigeous security conferences including ▐
▌ Black Hat, DEFCON, Enigma Conference, and ReCon about issues ranging from IMSI Catcher ▐
▌ detection to fem tech privacy issues to newly discovered APTs. Cooper has also been published ▐
▌ or quoted in publications including: The New York Times, Reuters, NPR, CNN, and Al Jazeera. ▐
▌ ▐
▌ He previously worked building websites for non-profits, including Greenpeace, Adbusters, and ▐
▌ the Chelsea Manning Support Network. Cooper was also an editor and contributor to the ▐
▌ hacktivist journal, "Hack this Zine." ▐
▌ ▐
▌ Cooper also serves as advisor to CORD Labs. In his spare time he enjoys making ▐
▌ music, visualizing a solar-punk communitarian future, and playing with his kids. ▐
▌ ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
▌ ▐
▌ -=PROJECTS=- ▐
▌ ▐
▌ * Rayhunter ▐
▌ The follow up to Crocodile Hunter! This is open source software to detect cell-site ▐
▌ simulators, better known as stingrays or IMSI Catchers using a commodity cellular hotspot. ▐
▌ Rayhunter allows you to get pcaps of traffic between your modem and scans the traffic in ▐
▌ real time looking for anomolies. ▐
▌ ▐
▌ * Crocodile Hunter ▐
▌ A tool to detect cell-site simulators, better known as stingrays or IMSI Catchers. ▐
▌ It works by mapping all cellular base stations in an area and looking for anomolies. ▐
▌ ▐
▌ * YAYA ▐
▌ This tool was written to manage collections of YARA rules and run scans with the best ▐
▌ sourced YARA rules available. I hope this tool will also make it easier for other publicly ▐
▌ researchers to manage their collections of rules. It's also my first project in GO. ▐
▌ ▐
▌ * Privacy Badger ▐
▌ Block Trackers in your browser! Cooper was the lead and sometimes sole developer on this ▐
▌ project from inception until the first 1 million users. Now Privacy Badger has over ▐
▌ 4 million users! ▐
▌ ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
▌ ▐
▌ -=WRITING=- ▐
▌ ▐
▌ * What is Secure? An Analysis of Popular Messaging Apps [2023] ▐
▌ ▐
▌ * Uncle Sow: Dark Caracal in Latin America [2023] ▐
▌ ▐
▌ * Snowflake Makes It Easy For Anyone to Fight Censorship [2023] ▐
▌ ▐
▌ * An EFF Investigation: Mystery GPS Tracker On A Supporter’s Car [2022] ▐
▌ ▐
▌ * Anti-War Hacktivism is Leading to Digital Xenophobia and a More Hostile Internet [2022] ▐
▌ ▐
▌ * The Catalog of Carceral Surveillance (series) [2021] ▐
▌ ▐
▌ * Dark Caracal: You Missed a Spot [2020] ▐
▌ ▐
▌ * Introducing “YAYA”, a New Threat Hunting Tool From EFF Threat Lab [2020] ▐
▌ ▐
▌ * Your Phone Is Vulnerable Because of 2G, But it Doesn't Have to Be [2020] ▐
▌ ▐
▌ * A Quick and Dirty Guide to Cell Phone Surveillance at Protests [2020] ▐
▌ ▐
▌ * Thermal Imaging Cameras are Still Dangerous Dragnet Surveillance Cameras [2020] ▐
▌ ▐
▌ * Ring Throws Customers Under the Bus After Data Breach [2019] ▐
▌ ▐
▌ * Watering Holes and Million Dollar Dissidents: the Changing Economics of Surveillance [2019] ▐
▌ ▐
▌ * Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else [2019] ▐
▌ ▐
▌ * The 5G Protocol May Still Be Vulnerable to IMSI Catchers [2019] ▐
▌ ▐
▌ * There are Many Problems With Mobile Privacy but the Presidential Alert Isn’t One of Them[2019] ▐
▌ ▐
▌ * Sextortion Scam: What to Do If You Get the Latest Phishing Spam Demanding Bitcoin [2018] ▐
▌ ▐
▌ * Our Cellphones Aren't Safe (New York Times Opinion) [2018] ▐
▌ ▐
▌ * Dark Caracal - Cyber Espionage at a Global Scale (A follow up to Operation Manul) [PDF] [2018] ▐
▌ ▐
▌ * The Pregnancy Panopticon (A study of privay leaks in womens health tech) [PDF] [2017] ▐
▌ ▐
▌ * Operation Manul - Unveiling a Kazakh malware campaign (My first APT report!) [PDF] [2016] ▐
▌ ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
▌ ▐
▌ -=TALKS=- ▐
▌ ▐
▌ * Getting PCAPs from IMSI Catchers for $20 [Shmoocon 2025] ▐
▌ ▐
▌ * What's Happening With Appin: The Censorship of Threat Intelligence [HOPE 2024] ▐
▌ ▐
▌ * Which messaging app is truely secure? [It Could Happen Here 2023] ▐
▌ ▐
▌ * Tracking the World's Dumbest Cyber Mercenaries [DEF CON 2023] ▐
▌ ▐
▌ * Detecting Fake LTE Towers in Real Time [Enigma 2021] ▐
▌ ▐
▌ * Detecting Fake 4G Base Stations in Real Time [DEFCON 2020] [Blackhat 2020] ▐
▌ ▐
▌ * Dark Caracal (Podcast) [Darknet Diaries 2019] ▐
▌ ▐
▌ * Dark Caracal: How to Burn a Spy Agency and Get Away With It [HOPE 2018] ▐
▌ ▐
▌ * Dark Caracal Part 1: Introducing Dark Caracal [Kaspersky SAS 2018] ▐
▌ ▐
▌ * KQED Newsroom - Ransomware [TV Broadcast 2017] ▐
▌ ▐
▌ * The Internet Already Knows I'm Pregnant (First Defcon talk) [DEFCON 2017] ▐
▌ ▐
▌ * Privacy Badger and Panopticlick vs. the Trackers, Round 1 [HOPE 2016] ▐
▌ ▐
▌ * When Governments Attack - Operation Manul (First Blackhat talk) [Blackhat 2016] ▐
▌ ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
▌ ▐
▌ -=PORTRAIT=- ▐
▌ ▐
▌ .-=+**#%##*+=-:. ▐
▌ .=*##%%%%%%%%%%%%%%%#**++=: ▐
▌ ..*####%%%%%%###%%%%%%%%%%%%%%%*: ▐
▌ .=*#######*#%%%%****%%%%%%%%%%%%@@@%* ▐
▌ -*#####%#***#%%%%%#**#*%%%%%%%%%@@@@@@@+ ▐
▌ =######%%%**#**#######%%%#%%%%%%@@@@@@@@@@: ▐
▌ :##%%%***###%####%%%%%%%%%%%%%%%%@@@@@@@@@@@%= ▐
▌ #%%%%%###*##%%%%%%A%C%A%B%%%%%%%%%@@@@@@@@@@@%- ▐
▌ #%%%%%*#%###%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@* ▐
▌ %%%%%%%#%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@: ▐
▌ =%%%%%%%%%%%%%%%################%%%%%%@@@@@@@@@@# ▐
▌ +%%%%%%%%%%#####%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@: ▐
▌ +%%%%%%%%%%@@@@@@%%%%%%%%%%%%%%%%@@@@@@%%%%%%%%%%= ▐
▌ =%%%%%%@@@@@@%%%%%%%%######%%%%%%%%%%%@@@@@@@@@%%* ▐
▌ +%%@@@@@@@%%%%%%%%##############%%%%%%%%%%%%%@@@@% ▐
▌ .*%@@@@@@%%%%%%%######*************####%%%%####%@@@@: ▐
▌ %@@@@@@%%%#######****+++***++++++******#########%@@@+ ▐
▌ .:-@@@%#*******#***++++++++++++++**###%##########%@@@@*. ▐
▌ .:%@%%*+++****########**++++++*##%%%#####%%%%%%@%@@%@%***+. ▐
▌ .=%%@#+***#########%########%%%#########%%%##@%%@@@%%%%%%. ▐
▌ :%%@%###%#****####%##**#%#*%%###########%###%##%@@%%%%%# ▐
▌ *#%%#+*%*********####*+#*++*%%######*####***#*#%@@%%%%%* ▐
▌ -+*###==+*+********#**++%+++*#%#************#***#%@%#%%#. ▐
▌ ==+*#%+==*+=+++++*+++++#*+++**#%###******###*****%%#*+= ▐
▌ -+#**#+===+++********#*+++++**####***+++++*******##**+-: ▐
▌ -=*%+*+=========+++++++=====++**##*++++++++*****###**-.: ▐
▌ :=+#*=+===========++++=+*+++**###**++++++++*****##%*+: ▐
▌ :+#+-*==========+++===+*++**+##**+++++++++*****###=-. ▐
▌ .=**+========+++====++++*********++++*******##* ▐
▌ :+*++=====+++++++++++++++********++*******###* ▐
▌ -*++++++++++**++++++++**######**+**#**#*###+ ▐
▌ +*+++++=+++******++***************######%%- ▐
▌ *+++++++++++======+++++++*******######%%%+ ▐
▌ -**+**+++*+++===+++**********######%#%%%%##. ▐
▌ +#********++++++++**++******####%#%%%%%%%%= ▐
▌ =##*******+++=====+++++++**#######%%%%%#%@@#: ▐
▌ .=*#%###*******++++==+++++****##%%%%%%%@%%%###@@@#=. ▐
▌ .=*%%%%**###***###***++++******##%%%%%%%%%%%%%#**%@@@@@#+-. ▐
▌ :-=*###%%%%%=+*####***#############%%%%%%%%%%%%%%##***%@@@@@@@@@#+-. ▐
▌ .:=+*#%%#####%%%%%==***############%%%%%%%%%%%%@%%%%%%##***%@@@@@@@@@@@@@@%+ ▐
▌ :-=+*#%%%%%%%%%%%%%%%%%%%*==++**##%%%%%%%%%%%%%%%@@%%%%%####****#%@@@@@@@@@@@@@@@@%%# ▐
▌ -=*##%%%%%%%%%%%%%%%%%%%%%@%%%%*==+++++**####%%%%#%%%#####**********%@@@@@@@@@@@@@@@@@@@@% ▐
▌ =%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%#+===++++++++++++++++++++++***++*#%@@@@@@@@@@@@@@@@@@@@@@% ▐
▌ =%%%%%%%%%%%%%%%%%%%%%%%%%%%@%%%%%#+==================+++++++*#%@@@@@@@@@@@@@@@@@@@@@@@@@% ▐
▌ #%%%%%%%%%%%%%%%%%%%%%%%%%%%@@%%%@%%#++================+*#%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@% ▐
▌ +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@%%@@@@@%%##********##%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@% ▐
▌ #%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@= ▐
▌ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@: ▐
▌ .%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@: ▐
▌ .%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@. ▐
▌ :%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ▐
▌ :%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ▐
▌ =%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@- ▐
▌ #%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@= ▐
▌ #%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@* ▐
▌ ▐
▌ ▐
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█