Researchers link APT15 hackers to Chinese military company
By: Ax Sharma
Link to the article referenced: https://bit.ly/3iC0xFT
APT 15 is a hacking group known for Android spyware apps. They are linked to a Chinese military company (Xi'an Tian He Defense Technology Co. Ltd.). In a new report by Lookout Threat Intelligence, researchers show how four Android "surveillanceware" tools used to target the Uyghur ethnic minority group are part of a more extensive mobile advanced persistent campaign that has been operating for years.
The motivation behind the large-scale surveillance operation on ethnic minorities, both within and outside of China, has been attributed to the Chinese government’s national security and counter-terrorism efforts. The apps are typically targeted at specific groups (spearphishing for mobile devices) and are typically not from the "Google Store". Android is the most prolific operating system outside of the United States, and this could easily move over to the United States in a targeted attack. Over the past 20 years the smartphone has replaced many devices/appliances, integrating many capabilities (map, weather, banking, music, etc.). A targeted attack (e.g., a COVID alert) or a popular app such as TikTok (based in China) could spread malware and implants at a viral pace.
A recent report (Ars Technica, 27 June 2020) noted that 32 iOS apps "snoop" on sensitive clipboard data. These include apps such as TikTok, but also many US-based news organizations, games, social media, etc. These apps access the clipboard for no clear reason and with no indication that they are doing so. For many apps, it’s hard to see any legitimate performance or usability reason for access. It is probable that the combination of APT 15's capability to specifically target individuals/groups through "rogue" apps and the additional capability of "snooping" via clipboard data (data that is likely traded, stolen or altered) demonstrates the increased vulnerability of mobile devices and the low bar to entry for one of our adversaries to extort, influence or steal.