GET HELP TO COMBAT SPYWARE THREATS

Amnesty International has developed the Mobile Verification Toolkit, a tool to facilitate the consensual forensic analysis of Android and iOS devices, for the purpose of identifying traces of compromise. It continues to be maintained by Amnesty International and other contributors.

MVT is a forensic research tool intended for technologists and investigators. Using it requires understanding the basics of forensic analysis and using command-line tools. MVT is not intended for end-user self-assessment. 

Mobile Verification Toolkit (mvt.re)

FOR CIVIL SOCIETY AND HUMAN RIGHTS DEFENDERS:

The Security Lab offers a free-of-charge Digital Forensics analysis service for human rights defenders, activists, journalists, and other civil society members at risk. If you have reason to believe your accounts or devices may have been targeted by spyware, you can contact us using the support request form below. 

SUPPORT REQUEST

If you are a member of civil society, please complete the form below to contact our team at the Security Lab. 

Note: The Security Lab is not in a position to provide general digital security trainings or technical support.  

All requests will be reviewed by our team of expert Technologists. However – we will only have capacity to respond directly in those cases where we determine that: 

1) your case fits within our remit to support civil society; and  

2) where we believe that there is a reasonable chance that an investigation by our team may find evidence that a spyware attack has taken place. 

For this reason, we strongly request that you include as much relevant information on the secure form as possible about your circumstances and the reasons that you believe you may have been targeted by spyware or another form of sophisticated digital surveillance.

We will respond to requests that fit the above criteria.

How do we determine if someone has been targeted by spyware?

The Security Lab uses a variety of research methodologies to understand the surveillance threats that impact civil society, including if an individual has been targeted by spyware. This includes gathering threat intelligence by tracking the sale and deployment of various spyware products and surveillance systems. In addition, through forensic investigations we gather information from mobile phones or devices like laptops to look for signs of malicious activity, which may indicate a digital attack has occurred. 

The Security Lab also supports other civil society helplines and partner organisation to improve their own capacity to detect digital threats. 

How do we ensure your privacy is protected?

Amnesty International’s Security Lab is committed to ensuring the privacy of all our users. We have long campaigned for the right to privacy and that is a core tenet of our work.  

To provide digital forensics support, the Security Lab may require personally identifiable information, such as requesting access to your devices and their contents. We will only request the necessary data to fulfil our purpose of providing digital forensics support. We take appropriate security measures to ensure that we keep your information secure, and we will not share your forensic information with third parties (such as partner organisations) unless you have given your permission, we are legally required to, or it is crucial to provide adequate support. If you are under 18 years old, please make sure that you have your parent/guardian’s permission before giving us personal information.  

For a clear explanation on what type of information we collect, how it is collected and used, and what your rights are, please refer to our Privacy Policy.  

How do we support against other forms of targeted digital attacks?

Spyware is one form of digital attack, but governments and non-state actors may use other forms of targeted digital attacks. To support building your digital resilience and security, the Security Lab has brought together a Digital Security Resource Hub. 

In the Hub you can find:  

1. Recommendations to protect your devices and data. Not all individuals face the same level of risk, so recommendations are grouped by risk level. 

2. Digital and information security resources created by civil society organisations and available in multiple languages for different geographies. All resources listed are free, accessible, high quality and are regularly updated. These include: 
   • Helplines and helpdesks if you need immediate support; 
   • Guides and tools you can use to enhance your digital resilience and security.  

This list is updated on an ongoing basis, so please feel free to suggest additional resources and share any feedback by contacting us.