The United Kingdom, United States, Canada, Germany, Australia, and New Zealand have all revealed a troubling worldwide spyware campaign that aims to stifle dissent.
Malicious apps have been surreptitiously spying on activists, minority groups, and Chinese government critics by imitating commonplace technologies. The UK’s National Cyber Security Centre (NCSC), supported by GCHQ, disclosed in a joint alert on Tuesday that two spyware programs, BadBazaar and Moonshine, have been infiltrated into seemingly secure Android apps.
Popular utilities like Adobe Acrobat, WhatsApp, Telegram, and even religious programs for Muslims and Buddhists were meticulously mirrored in these apps. They were more than simply obnoxious spyware, these digital decoys. By recording conversations, monitoring movements, stealing images, and reading private messages, they transformed phones into portable surveillance tools. All of this is taking place without the user’s awareness. The spyware wasn’t dispersed haphazardly among app shops. It had goals and an objective.
According to the claims available to BrandSpur digital news platform, the apps were used to target Tibetans, Uyghur Muslims, Taiwanese independence advocates, and members of the Falun Gong spiritual group and Hong Kong’s pro-democracy movement. Although the majority of the targeted reside outside of China, Beijing views their actions or ideologies as dangerous to the stability of the country. To put it bluntly, this is digital stalking at the state level.
NCSC had this to say: “These apps specifically target individuals internationally who are connected to topics that are considered by the Chinese state to pose a threat to its stability, with some designed to appeal directly to victims or imitate popular apps.”
Cybersecurity firms such as Trend Micro, Lookout, and Volexity, together with Citizen Lab, a nonprofit watchdog that has long monitored Chinese cyber activity, have previously examined the two spyware families found in Android apps. For example, it is well known that BadBazaar has masqueraded as a file-sharing application and encrypted messengers. However, Moonshine was said to have masqueraded as a specially designed set of instruments targeting certain targets, such as Tibetans. More than 100 Android apps were found in all. The decoys ranged from chat platforms and document readers to language-learning tools and prayer applications. In 2021, TibetOne, an iOS app, even found its way to the Apple App Store.
However, Apple and Google have not yet made any public statements regarding the removal of the apps on the list or the potential number of impacted users. The warning restates that the instruments we rely on for coordination and communication can be manipulated into surveillance tools.
