New Android Spyware Tools Emerge in Widespread Surveillance Campaign
Brand new Android spyware tools have been discovered being deployed in a widespread APT campaign designed to spy on the Uyghur ethnic minority group. Researchers discovered the surveillance campaign, which dates back to 2013 and includes three never-before-seen surveillance tools, through analyzing trojanized legitimate applications.
The campaign’s Android surveillance tools, called SilkBean, GoldenEagle, and CarbonSteal, work together to gather and exfiltrate personal user data to attacker-operated command and control servers. According to Lookout security researchers, the malware maintained functionality of the applications they were impersonating, however, below the surface level they were running a multitude of hidden malicious capabilities.