Malicious apps target vulnerable users with hidden spyware

Malicious apps are targeting vulnerable users with hidden spyware that can access sensitive information, posing serious cybersecurity risks.

A major international advisory is warning users connected to causes such as Taiwanese independence, Tibetan rights, Uyghur advocacy, democracy movements, and the Falun Gong to take urgent steps in protecting their digital safety.

Jointly issued with the support of the UK Cyber League, the advisory was produced by cybersecurity agencies from Australia, the United Kingdom, Canada, Germany, New Zealand, and the United States. Australia’s contribution came through the Australian Cyber Security Centre, part of the Australian Signals Directorate.

Their key message is clear: malicious cyber actors are using advanced spyware—known as BADBAZAAR and MOONSHINE—to target mobile devices and access sensitive information.

According to the advisory, these trojans are hidden inside seemingly legitimate apps, often tailored to appeal to specific communities. For example, the TibetOne and Uyghur Quran apps were used to exploit trusted spaces such as Telegram channels and Reddit forums.

Once installed, these apps can collect real-time location data, access microphones and cameras, and download personal messages and photos.

While the public often associates cybersecurity threats with political espionage, this issue also affects broader fields such as social media and public relations. Journalists, NGOs, businesses, and individuals advocating for minority rights are among those most at risk.

The advisory also stressed that due to the indiscriminate nature of these attacks, anyone downloading compromised apps could unknowingly expose themselves to surveillance.

BADBAZAAR and MOONSHINE have even appeared in official app stores like the Google Play Store and Apple’s App Store, although with less success due to vetting processes.

However, as noted in the NCSC’s App Store Threat Report, these safeguards are not foolproof, making vigilance essential.

The guidance offered in the advisory outlines practical steps users can take to protect themselves. These include sticking to official app stores where possible, being cautious when granting app permissions, and staying informed about emerging threats.

Importantly, the advisory reminds users that these mitigations should complement broader cybersecurity measures.

As cyber threats evolve, protecting personal data is no longer just an IT issue—it’s crucial for preserving freedom of expression, public engagement, and community trust.

Commsadmin