- From Alexander Graham Bell to an AI assistant guiding your customer journey, CX has come a long way (baby)!
- Cisco U. Spotlight: Your Best Day of Learning is Waiting
- A data-driven farming revolution: Smart Greenhouse in Greece
- さくらインターネットのCIOが語る「CIOの役割や魅力」とは
- These backyard solar panels are saving me $30 a month - Here's how
NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora
Security agencies in the UK and allied countries today warned members of Uyghur, Tibetan and Taiwanese communities that they may be a target for newly discovered spyware variants.
The UK’s National Cyber Security Centre (NCSC) joined its counterparts in the US, Australia, Canada, Germany and New Zealand to raise the alarm over the Trojanized malware, which it said is hidden in legitimate-looking mobile apps such as “TibetOne.”
The two variants, dubbed “Moonshine” and “Badbazaar,” are designed to covertly access device mics, cameras, messages, photos and real-time location data, the NCSC claimed.
The advisory warned that targets include anyone connected to: Taiwanese independence; Tibetan rights; Uyghur Muslims and other ethnic minorities in China’s Xinjiang Autonomous Region; democratic advocates, including those from Hong Kong; and the Falun Gong spiritual movement.
That would appear to suggest the Chinese state as the aggressor.
Read more on Chinese spyware: LightSpy iPhone Spyware Linked to Chinese APT41 Group
“We are seeing a rise in digital threats designed to silence, monitor, and intimidate communities across borders, and the use of these two forms of spyware is clearly unacceptable,” said NCSC director of operations, Paul Chichester.
“The NCSC urges people at higher risk to exercise heightened vigilance and follow our practical advice outlined in the advisory to help keep their devices and data safe.”
TibetOne was apparently an iOS app uploaded to Apple’s App Store in December 2021, but is no longer available. It contained the Badbazaar spyware, used to target Uyghur, Tibetan and Taiwanese victims.
A separate app, which translates to “Audio Quran.apk,” is an Android app with an Uyghur language title. These apps are often promoted in online forums frequented by targets, the NCSC said. However, spyware has also been discovered in apps spoofing legitimate brands like WhatsApp.
The NCSC and its counterparts have published a technical analysis of the spyware, along with advice for app store operators, developers and social media companies.
In the meantime, it urged members of the above communities to:
- Avoid jailbreaking or rooting their devices, and only use trusted app stores
- Review installed apps and permissions regularly
- Report suspicious messages and files
- Be vigilant on social media and check shared files and links
