BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors


MOONSHINE and BADBAZAAR are examples of trojans; they have malicious functions hidden inside an otherwise functioning app that can be downloaded from app stores or online file-sharing services.

These apps are designed to trick a user into downloading and installing them on a device. Once an app is installed, it uses vulnerabilities on the device to perform unauthorised functions, or it may rely on a user granting app permissions to access and download information from the device, including: > location data including real time tracking > access to microphone and camera > messages, photos and other files stored on the device > device information and more

Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...