
DHARAMSHALA: Kaspersky Lab on Tuesday said Chinese-speaking authors have launched targeted attack against Tibetan and Uyghur activists on their Android-based mobile devices.
The attack took place at the end of March 2013 and started with the hacking of an e-mail account belonging to a high-profile Tibetan activist. The attackers used this account to send ‘spear-phishing’ e-mails to his contact list. The malicious messages targeted Mongolian, Chinese, Tibetan and Uyghur political activists, and had attached an .APK file containing a malicious program for Android devices, the Kaspersky Lab said in a statement.
The Android malware used in the new attack steals private data from infected smartphones, including the address book and messaging history, and sends it to a command and control server. This attack is believed to be the first of this kind utilizing fully functional Android malware and specifically targeting mobile devices of potential victims, it said.
Investigation of this malware performed by Kaspersky Lab’s experts revealed that it was most likely designed by Chinese-speaking authors, judging by comments in the code and certain characteristics of the command and control server.
Costin Raiu, Kaspersky’s Director for Global Research & Analysis Team, said: “Until now we have not seen targeted attacks against mobile devices in the wild, although there were signs that attackers were interested and experimenting in this field. This particular attack utilizes a fully featured Trojan aimed at stealing private data from a targeted group of victims. The attackers have so far used social engineering to trick the victims into installing the app. However, we believe that in the future such attacks will exploit vulnerabilities in mobile software, or a combination of techniques.”




