December 2, 2022
New Android Spyware Campaign Targeting The Uyghur Community

Security researchers at Cyble have found Android malware explicitly designed to target the Uyghur community. The malware disguises itself as a book named “The China Freedom Trap.”

The book it impersonates is a biography written by the exiled Uyghur leader Dolkun Isa.

“The China Freedom Trap” is a personal and political account by the president of the Uyghur Congress, Dolkun Isa, detailing his experiences and struggles in fighting crimes against the Uyghurs, one of the 55 officially recognized ethnic minorities.

The existence of the malware samples, which come with the package name “com.emc.pdf,” was first disclosed by researchers from the MalwareHunterTeam late last month.

The spyware has several sophisticated features that it uses to steal device information, SMS messages, contact data, call logs, and neighboring cell information.

Once downloaded, the malware-injected book tries to steal sensitive information from the user's device, for example by capturing the device screen and taking pictures with the device's camera.

On Monday, security firm Cyble said in a report: “In light of the ongoing conflict between the Government of the People’s Republic of China and the Uyghur community, the malware disguised as the book is a lucrative bait employed by threat actors (TAs) to spread malicious infection in the targeted community.”

The malware requests 27 permissions from the smartphone and abuses 13 of them. Below is the list of permissions used by the malware:

  • ACCESS_NETWORK_STATE
  • READ_PHONE_STATE
  • READ_SMS
  • WRITE_SMS
  • READ_CONTACTS
  • PROCESS_OUTGOING_CALLS
  • WRITE_EXTERNAL_STORAGE
  • READ_CALL_LOG
  • RECORD_AUDIO
  • ACCESS_COARSE_LOCATION
  • ACCESS_FINE_LOCATION
  • GET_ACCOUNTS
  • READ_HISTORY_BOOKMARKS
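
For analysts triaging a suspicious APK, the permission list above can be compared against a decoded manifest. The following is an added example, not code from Cyble's report; it assumes the manifest has already been decoded to text XML (for instance with apktool), and the function name and sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# The 13 permissions the article lists as abused by the spyware (short names).
REPORTED = {
    "ACCESS_NETWORK_STATE", "READ_PHONE_STATE", "READ_SMS", "WRITE_SMS",
    "READ_CONTACTS", "PROCESS_OUTGOING_CALLS", "WRITE_EXTERNAL_STORAGE",
    "READ_CALL_LOG", "RECORD_AUDIO", "ACCESS_COARSE_LOCATION",
    "ACCESS_FINE_LOCATION", "GET_ACCOUNTS", "READ_HISTORY_BOOKMARKS",
}
REPORTED_PACKAGE = "com.emc.pdf"  # package name given in the article


def triage_manifest(manifest_xml: str) -> dict:
    """Compare a decoded AndroidManifest.xml with the reported profile."""
    root = ET.fromstring(manifest_xml)
    requested = set()
    for el in root.iter():
        # Covers both <uses-permission> and <uses-permission-sdk-23>.
        if el.tag.startswith("uses-permission"):
            name = el.get(ANDROID_NS + "name", "")
            # Compare on the last segment because the prefix varies, e.g.
            # com.android.browser.permission.READ_HISTORY_BOOKMARKS.
            if name:
                requested.add(name.rsplit(".", 1)[-1])
    overlap = sorted(requested & REPORTED)
    return {
        "package": root.get("package"),
        "package_match": root.get("package") == REPORTED_PACKAGE,
        "requested_total": len(requested),
        "overlap": overlap,
        "overlap_ratio": len(overlap) / len(REPORTED),
    }


# Constructed sample manifest (not taken from a real sample).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="org.example.reader">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission
      android:name="com.android.browser.permission.READ_HISTORY_BOOKMARKS"/>
</manifest>"""

if __name__ == "__main__":
    print(triage_manifest(SAMPLE))
```

A high overlap in an app that presents itself as a document reader is a reason for closer analysis, not a verdict; many legitimate apps request some of these permissions.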

Since Google and other trusted services do not exist in China, the malware-injected app is being distributed via third-party websites and other app platforms in China.

How To Prevent Malware Infection?

  • Use a reputable anti-virus and internet security software package on your connected devices, such as PCs, laptops, and mobile devices.
  • Use strong passwords and enforce multi-factor authentication wherever possible.
  • Enable biometric security features such as fingerprint or facial recognition for unlocking the mobile device where possible.
  • Be wary of opening any links received via SMS or emails delivered to your phone.
  • Be careful while enabling any permissions.
  • Keep your devices, operating systems, and applications updated.

So these are some steps to prevent being infected by malware and spyware.
