Cybersecurity company Cyble stated in a report released on Monday that “given the ongoing hostilities between the Government of the People’s Republic of China and the Uyghur community, the malware disguised as the book is a lucrative bait employed by threat actors (TAs) to spread malicious infection in the targeted community.” Researchers from the MalwareHunterTeam initially revealed the malware samples’ existence late last year. They came with the package name “com.emc.pdf.”
The Uyghur community in China is the likely target of a previously unknown strain of Android spyware that has substantial information gathering skills and was discovered disguised as a book. The trojan masquerades as a memoir by the exiled Uyghur leader Dolkun Isa called “The China Freedom Trap.”
Distributed outside of the official Google Play Store, the app, once installed and opened, displays a few pages of the book, including the cover page, an introduction, and a letter purportedly sent by Michael Kozak and Sam Brownback to Isa on June 15, 2018, condoling his mother’s death. take pictures from the infected device’s camera and capture its screen. “TAs are leveraging various methods, including regional and biogeographical conflicts, to fulfill their malicious intentions,” the researchers said. “In this case, they are seen taking advantage of the Uyghur-Chinese conflict to target unsuspecting individuals.” Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.