Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 13 August, 2022
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Chinese-state-sponsored hackers spying on ethnic minorities worldwide

Research from Lookout revealed

by Joel
July 7, 2020
in Featured, Mobile Security
Mobile phone dr
Share on FacebookShare on Twitter

Chinese-state sponsored hackers have been using Android spyware tools to target ethnic minority groups particularly Uighurs, Tibetans, and Muslims, across 15 countries which include Malaysia, Turkey, Indonesia and Kazakhstan.

First discovered by mobile cybersecurity providers Lookout, the primary aim of these apps is to track, gather and exfiltrate personal user data to attacker-operated command-and-control servers, with the surveillance attributed to the Chinese government’s national security and counter-terrorism efforts.

Threat researchers state the spyware exploits the victim’s Android device through targeted phishing and fake-third party app stores. It had also been found that the malware was in ten different languages: Uighur, English, Arabic, Chinese, Turkish, Pashto, Persian, Malay, Indonesian, Uzbek and Urdu/Hindi.

The San Francisco based  company named the four Android survellianceware tools SilkBean, DoubleAgent, CarbonSteal, and GoldenEagle, and found that these interconnected malware tools are elements of a much larger mAPT (mobile advanced persistent threat) campaign originating in China, with activity of these surveillance campaigns been observed as far back as 2013.

Lookout also noted that past activity of this mAPT is connected to previously reported desktop APT activity in China, which is linked to GREF, a China-based threat actor also known as APT15, Ke3chang, Mirage, Vixen Panda and Playful Dragon.

It was also revealed that many samples of these malware tools were trojanized legitimate apps, i.e., the malware maintained complete functionality of the applications they were impersonating in addition to its hidden malicious capabilities.

Out of the list of countries targeted by the hackers, 12 are said to be on the Chinese government’s official list of “26 Sensitive Countries,” which according to public reporting, are used by authorities as 5 targeting criteria.

Muslim minorities have been widely persecuted suppressed in China and, in the Xinjiang region, they are being forced into government-mandated concentration camps in an attempt to “re-educate” them.

 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

TikTok to No Longer Operate in Hong Kong

Next Post

Cosmic Lynx, First Known Russian BEC Group, Discovered

Recent News

Doctor holding phone

Recovery From NHS Attack Could Take Weeks

August 12, 2022
Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit

Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit

August 12, 2022
Laptop, phone, hands

Campaign Launched to Stop People From Becoming Money Mules

August 11, 2022
MIRACL is One Cybersecurity Company to Watch in 2022

MIRACL is One Cybersecurity Company to Watch in 2022

August 10, 2022

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2021
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information