Global Cybersecurity Coalition Warns of Chinese Spyware Targeting Tibet, Uyghur and Taiwan Activists
By Tenzin Chokyi

DHARAMSALA, 10 April: A coalition of global cybersecurity agencies has issued a joint advisory warning against two Chinese spyware variants aimed at monitoring and intimidating individuals connected to topics including occupied Tibet, East Turkestan, Taiwan, democracy movements and Falun Gong communities.
The UK’s National Cyber Security Centre (NCSC), in collaboration with cybersecurity centres from Australia, Canada, Germany, New Zealand, and the US, including the FBI and NSA, released the advisory warning with new information and mitigation measures on Wednesday.
The advisory disclosed two Chinese spyware variants, BADBAZAAR and MOONSHINE, that are deliberately designed to infiltrate smartphones, harvest sensitive personal data, and track individuals in real time.
According to the advisory, BADBAZAAR is a type of mobile spyware that operates on both iOS and Android devices. It spreads through social media platforms and even through official app stores, where people usually feel safe downloading apps. It has reportedly targeted Tibetans, Uyghurs, and Taiwanese.
MOONSHINE is designed for Android phones and masquerades as a real app, tricking users into thinking it’s safe. Once installed, the spyware covertly monitors the device, with the ability to steal files as well as capture live audio and screen recordings.
The advisory notes that MOONSHINE has primarily targeted Tibetan groups and has been shared via the Telegram app and through links sent via WhatsApp.
These tools, including TibetOne and Audio Quran.apt (a Uyghur-language Quran app), are reportedly used to target subjects deemed a “threat to China’s domestic authority, ambitions, and global reputation”.
The report described it as part of China’s ongoing digital surveillance campaign aimed at suppressing dissent, particularly in its contested regions, which include occupied Tibet, East Turkestan and Taiwan.
The advisory also included a comprehensive technical analysis and mitigation measures for app store operators, developers, and social media companies with specific recommendations for at-risk individuals.
Additionally, it provided supplementary documents with in-depth technical breakdowns and guidance for those who may have been compromised by the malware.