News  Android
Trojan targets Tibetan activists

The smartphone virus gets political

Android malware has been discovered which targets Tibetan activists. Kaspersky Labs are warning users of a "spear fishing" attack using email and a trojan which spreads to a users contacts. To seduce its victims into opening it, the email used a statement on the recent conference organised by the World Uyhgur Congress aimed at bringing together Chinese democracy and various other human rights activists. In fact, when its victims opened the email, they were exposed to an App which contained the virus. The same event was used as bait in a different email attack targeting multiple activist groups earlier this month aimed at Windows users via a malicious Excel file.

The command-and-control (C&C) server -- which is running Windows Server 2003 and set to use the Chinese language -- that the malware communicates with is hosted by Emagine Concept Inc. in Los Angeles. Until recently, a domain registered in Beijing also pointed to the C&C server.


When run, the app added a "Conference" link to the users homescreen which - whilst seemingly innocently displayed a message from the WUC Chairman - secretly notified the hackers server that it had been activated.This then opened a backdoor to the authors of the virus who could then access the phoens contact list, call logs and other private data.your phone to make calls, but is that really the case? Your smartphone is now as powerful - and as connected - as your desktop PC. Too many people fall into the trap of thinking its smaller physical size somehow means its less important to think about securing.

"While the victim reads this fake message, the malware secretly reports the infection to a command-and-control server," said Kaspersky Lab. "After that, it begins to harvest information stored on the device." Harvested information includes contacts stored on phone and SIM card, call logs, SMS messages, GPS coordinates and phone system information.

Social engineering hacks of this kind seem to be on the rise. Espionage malware has long been used to track political activists. Last year, for example, researchers reported that FinFisher spyware developed and sold by U.K.-based Gamma Group -- and which can infect iPhones, Android smartphones, BlackBerrys and other mobile devices -- was being used by autocratic regimes, including the Assad regime in Syria and the government of the Gulf state of Bahrain, to actively monitor dissidents.