Cyber Security

New Android malware targets the Uyghur community

Android malware

A new Android spyware program has been discovered by threat actors connected to China who were spying on Uyghurs in China.

A new Android malware used to spy on the Uyghur community was discovered by experts at Cyble Research & Intelligence Labs (CRIL).

Dolkun Isa’s biography “The China Freedom Trap” was disguised as malware.

“In light of the ongoing conflict between the Government of the People’s Republic of China and the Uyghur community, the malware disguised as the book is a lucrative bait employed by threat actors (TAs) to spread malicious infection in the targeted community.” reads the analysis published by Cyble. “Upon performing behavioral analysis, we observed that this malware has an icon similar to the cover page of the book known as The China Freedom Trap written by Dolkun Isa, and on opening the app, the user is shown a few pages of the book including the cover page, an introduction to the book and its author, along with a condolence letter at the end.”

Information about your device, SMS messages, contacts, call logs, and neighboring cells can be stolen by this app. As well as capturing the screen, the malicious code can also take pictures using the device’s camera.

Based on commands sent by the C2 Server, the malware steals information from infected devices. When the application is launched for the first time it checks the version number of the android SDK. If the version is less than 29, the malware hides its icon and runs in the background. If the device’s version is older than 29, it will open the .pdf file found in APK resources. This contains the cover, introduction and author and a condolence note.

“TAs are leveraging various methods, including regional and biogeographical conflicts, to fulfill their malicious intents. In this case, they are seen taking advantage of the Uyghur–Chinese conflict to target unsuspecting individuals.” concludes the report. “According to our research, this type of malware is only distributed via sources other than Google Play Store. As a result, practicing basic cyber hygiene across mobile devices and online banking applications is a good way to prevent such malware from compromising your devices.”

Mobile Security with SYC Secured Smartphone

SYC Secured Smartphone is a trustworthy partner for keeps business data confidential and secured from cyber attackers with its highly-advanced secured algorithm. Leveraging highly talented security advisors, Secure Your Call delivers top-notch mobile security solution services with minimal risk of data theft.

Being a part of the data security industry, SYC Secured Smartphone has launched two advanced and highly secured phones Samsung Galaxy S22 Ultra and Samsung Galaxy S22+ that keep your personal and professional data secured from any kind of cyber-attack. Connect now to inquire about device features.

Related Posts