Tibetan and Uyghur human rights activists are being targeted with new malware which is specifically designed for Android Os based devices, according to Kaspersky.
Kasperky’s security experts reported they had found malware designed to attack Android devices, and further reported the malware seems to originate from China and its mode of attack relies largely on “social engineering”.
The trojan is identified as “Chuli”, based on a command function that shows up prior to the stolen information being posted to the command-and-control server.
Kaspersky stated: “So far, attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”
From their research, the malware’s aim is to steal personal information on Android devices such as contacts, call logs, and text messages.
According to reports, the attackers managed to infiltrate the email account of a high-profile Tibetan human rights activist on March 24 and from that compromised account sent a spear-phishing e-mail to their contacts list.
Attached with the e-mail is an app called “conference”, which is installed as soon as the victim opens the attachment on their Android device. The “conference” app will proceed to display some information about a conference in Geneva, but as the victim is reading the message their personal information is collected and sent back to a remote server.
