A new form of malware has been launched to attack an entire community or race – that of the Tibetans. While viruses, malware and hack attacks on mobile phones including those running android are nothing new, this is the first time an attack has been focused intensely on a community. The new malware targets Tibetan and Uyghur activists in the form of a Trojan sent as an email attachment that talks about the recent World Uyghur Conference (WUC), attended by delegates from China, Mongolia, East Turkestan and Tibet. The virus steals a host of information from the phone relaying to back to the hackers. This is believed to be the brainchild of Chinese hackers and will further strain diplomatic relations between the two nations already at loggerheads.
The virus is disguised as an .APK package, an android application package or kit that installs apps on android phones. Once a Tibetan opens up an email purporting to contain a letter from the human rights representatives, the virus communicates with a control server in Los Angeles registered to an unknown company in Beijing. The rogue app notifies the hackers of successful penetration and then steals SMS, contact and location data from the infected phone. The target receives an SMS that could contain the keywords “SMS”, “location”, “contact” or “other”. The malware keeps monitoring the victim’s data and does not steal data immediately.
There is no proof yet about whether the hackers are malicious individuals or a more disturbing prospect – Chinese government officials who could be engaged in cyber espionage. Whatever the case, Tibetans need to be cautious and vigilant about the mails and attachments they open.