Multiple Android Apps Found Containing Bundled Spyware, Posing Security Risks to Users
A recent report from the UK’s National Cyber Security Centre (NCSC) has unveiled a troubling trend involving numerous apps on Android and iOS that deceptively act as spyware. These malicious applications are often used by hackers to monitor minority populations in China.
Despite Apple and Google promoting their official app stores as the safest venues for downloads, the findings suggest these claims may no longer hold true. The NCSC collaborated with cyber intelligence agencies from Australia, Canada, Germany, New Zealand, and the United States to uncover the spyware, specifically under the names BadBazaar and Moonshine.
These spyware families operated under the guise of popular legitimate Android applications, stealthily accessing users’ cameras, microphones, messages, photos, and location data. Security firms such as Lookout, Trend Micro, and Volexity have previously detected and analyzed both malware strains, revealing their covert nature.
The primary targets of these spyware apps include Uyghurs, Tibetans, Taiwanese communities, and activists associated with causes viewed as threats to China’s stability. The NCSC highlighted that these apps are tailored to specifically target individuals involved in topics deemed sensitive by the Chinese state, often masquerading as popular applications.
For instance, the report identified over 100 deceptive apps that disguised themselves as tools for Muslim and Buddhist prayers, and even mimicked well-known messaging services like Signal, WhatsApp, and Adobe’s PDF reader. An iOS app named TibetOne, available on Appleās App Store since 2021, was also flagged.
The NCSC emphasized that individuals vulnerable to such threats include those advocating for Taiwanese independence, Tibetan rights, Uyghur Muslims, and proponents of democracy in regions like Hong Kong. So far, both Google and Apple have not publicly responded to the NCSC’s alarming findings.
This situation serves as a reminder for users to remain vigilant, even when downloading from official app stores. It’s advisable to verify the developer’s identity and scrutinize app reviews for any cautionary feedback.
