
Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

by crpt os


A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday.

The intrusions, originally attributed to a threat actor named Scarlet Mimic back in January 2016, are said to have encompassed 20 different variants of the Android malware, which were disguised as books, pictures, and an audio version of the Quran.

The malware, while relatively unsophisticated from a technical standpoint, comes with extensive capabilities to steal sensitive data from an infected device, send SMS messages on the victim’s behalf, make phone calls, and track their locations.


Additionally, it allows the recording of incoming and outgoing phone calls as well as surrounding audio.

“All this makes it a powerful and dangerous surveillance tool,” Israeli cybersecurity firm Check Point said in a technical deep dive, calling the spyware MobileOrder.

It’s worth noting that a part of the campaign was recently disclosed by researchers from the MalwareHunterTeam and Cyble, in which a book written by the exiled Uyghur leader Dolkun Isa was used as a lure to deliver the malware.


Check Point said it observed MobileOrder artifacts in the wild right from 2015 to mid-August 2022, with the exception of 2021, when none were detected.

Attack campaigns likely involve the use of social engineering tactics to trick unsuspecting victims into launching malicious applications that reference seemingly innocuous documents, photos, and audio files.

These apps contain a variety of baits, including a PDF about guerrilla warfare and pictures related to the deployment of paramilitary forces in Ürümqi, the capital of the Xinjiang Uyghur Autonomous Region, in the aftermath of the deadly April 2014 attack.

Opening the rogue app, in turn, launches a decoy document designed to distract the target from noticing the malicious actions in the background.

“Some of the versions also ask for Device Admin and root access, which not only gives the malware full access to the device, but also prevents the victim from easily uninstalling the application,” the researchers said.


Other features supported by MobileOrder include executing a remote shell and even dropping additional Android Package (APK) files.

The campaign’s attribution to Scarlet Mimic, per Check Point, stems from clear code overlaps, shared infrastructure, and the same victimology patterns.

Furthermore, the ongoing use of MobileOrder signals a shift in attack vector from desktop to mobile surveillance, given that the actor was previously linked to a Windows malware called Psylo Trojan.

While it’s not clear which of these attacks throughout the past seven years have been successful, the very fact that the malware authors are continuing to deploy the spyware is an indication that some of these efforts have paid off.

“The persistence of the campaign, the evolution of the malware and the persistent focus on targeting specific populations indicate that the group’s operations over the years are successful to some extent,” Check Point said.




