The Hacker News Logo
Subscribe to Newsletter

Human Rights Activists targeted with new Android malware

Tibetan and Uyghur activists are once again targeted with a new malware, specially designed for Android devices. This is the first documented attack that targets Android smartphones.

Security researchers at Kaspersky say they've found a targeted malware attack on Android phones that seems to come from China. The attack relied heavily on social engineering, a kind of verbal manipulation, to hack into their targets’ devices.


Malware seeks to steal information like contacts, call logs, and SMS of people who work in the field of human rights. Kaspersky has identified the Trojan as "Chuli," after a command function that shows up prior to posting stolen data to the command-and-control server at the URL: hxxp://64.78.161.133/*victims's_cell_phone_number*/process.php.

On March 24, the attackers infiltrated the email account of a high-profile Tibetan activist, and used that account to send a spear-phishing email to their contacts list. Once the victim opens the attachment on her Android phone, the file installs an application called "conference" that will display some information about the Geneva conference.

As the target is reading the message, malicious software they had inadvertently installed would report back to a command-and-control server, before collecting information from the phone.

Kaspersky also had a warning for future evolution in attack strategy: “So far, attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.