Summary A report from the NCSC has uncovered numerous apps for both Android and iOS that appear authentic but are actually disguised spyware. These malicious tools are often employed by hackers to monitor minority communities within China.
Previously, Apple made waves by opposing the inclusion of third-party app stores. Together with Google, they have consistently maintained that getting apps exclusively through their official stores provides users with the most secure method to download applications onto their devices. Nonetheless, these assertions are beginning to sound somewhat less convincing as time goes on.
Hiding in plain sight
According to the UK’s National Cyber Security Centre (NCSC), this discovery was made in collaboration with organizations from Australia, Canada, Germany, New Zealand, and the U.S. They uncovered applications that covertly operated spyware known as BadBazaar and Moonshine.
Each of these spyware groups concealed themselves openly, masquerading as numerous genuine Android applications. Nonetheless, secretly, they monitored activities such as camera use, microphone access, message content, photo details, and geographic information. Security companies including Lookout, Trend Micro, and Volexity had earlier identified and examined both the BadBazaar and Moonshine malicious software families.
Aiming at ethnic minorities and campaigners
The targets encompassed Uyghurs, Tibetans, Taiwanese communities, and activists associated with movements China deems as threats to its stability.
According to the NCSC, The applications particularly focus on people around the world who have connections to subjects deemed threatening to China’s stability by the Chinese government. Some of these apps are tailored to attract direct victims or mimic well-known applications.
The report enumerates over 100 malevolent Android applications masquerading as Islamic and Buddhist prayer utilities. Some of these apps pretended to be well-known communication platforms such as Signal and WhatsApp, along with Adobe’s PDF viewer. Additionally, an iOS application named TibetOne was included in this compilation; it had previously been available on Apple’s App Store since 2021.
The NCSC adds, “The individuals most at risk include anyone connected to: Taiwanese independence; Tibetan rights; Uyghur Muslims and other ethnic minorities in or from China’s Xinjiang Uyghur Autonomous Region; democracy advocacy, including Hong Kong, and the Falun Gong spiritual movement.”
So far, Google and Apple have remained quiet and have not issued a statement in response to the NCSC’s findings.
This is a reminder that even when you download apps from official stores, it’s best to check to see who the developer is. Many apps pretend to be made by Google. But when you look closely, you’ll realize Google isn’t the listed developer. Also, check the app reviews to see if there are any comments that warn you against downloading it.
The post Dozens of Android apps discovered with spyware bundled with them appeared first on Android Headlines .