
Android malware targets activists

By Staff Writer, ITWeb
Johannesburg, 27 Mar 2013
The attack could be the forerunner in a new wave of targeted attacks aimed at Android users, says Kaspersky Lab.

Activists in Tibet and Uyghur have been hit by a targeted attack - the first to date that is based on malware for Android mobile devices.

According to Kaspersky Lab, a human rights conference was recently held in Geneva, and the company has picked up an increase in the number of attacks using this particular event as bait.

The attack steals personal information from infected smartphones, including messaging history and contacts, and sends the info to a command and control (C&C) server.

In addition, the attack is the first of its kind using fully functional Android malware that specifically targets mobile devices. The company also says the authors of this attack are most likely Chinese-speaking, judging by comments contained in the code and features of the C&C server.

Costin Raiu, director, Global Research and Analysis Team at Kaspersky Lab, says until this attack, the company has not seen targeted attacks against mobile devices in the wild, although it has noticed signs that attackers have been exploring this field.

He says the attack began with the hacking of a high-profile Tibetan activist's e-mail account. The authors then sent spear-phishing e-mails to the activist's contacts. The messages targeted Mongolian, Chinese, Tibetan and Uyghur political activists, and had an .APK file attached containing malware designed for Android devices.

"This particular attack utilises a fully featured Trojan aimed at stealing private data from a targeted group of victims. The attackers have so far used social engineering to trick the victims into installing the app. However, we believe that, in the future, such attacks will exploit vulnerabilities in mobile software, or a combination of techniques."

Kaspersky says the attack could be the forerunner in a new wave of targeted attacks aimed at Android users.

To date, the authors have depended solely on social engineering to infect the targets, but if the past is anything to go by, in time, these attacks will move on to employ zero-day vulnerabilities, exploits or a combination of techniques.
