Cyber Threat to Taiwanese: Unveiling the 'Badbazaar' and 'Moonshine' Spyware
Taiwanese computer systems under Chinese cyberattacks: MAC (Mainland Affairs Council) reports
China is using advanced cyber-attacks, in collaboration with state-owned software developers and hacker groups, to target Taiwanese, including with the spyware known as 'Badbazaar' and 'Moonshine'. These software variants are reportedly aimed not just at Taiwanese, but also at Uighur and Tibetan communities and pro-democracy advocates across the world [3][4].
Breaking Down 'Badbazaar' and 'Moonshine' Spyware
- Badbazaar: Primarily targeting iOS and Android users, this malware can infiltrate devices through official app stores and social media platforms by disguising itself as popular apps, such as language or cultural apps relevant to the targeted communities [3][5].
- Moonshine: An Android-specific spyware, it spreads through channels like Telegram and WhatsApp. It seeks relevant permissions to access sensitive device information [3].
Both spyware variants can collect geolocation data, messages, and photos from infected devices, and can even control microphones and cameras without the user's knowledge [3][4].
The Alliance Behind the Attacks
The Mainland Affairs Council (MAC) of Taiwan claims that these cyber-attacks are orchestrated by a partnership between Chinese state-owned software developers and hacker groups, with the intent to gather sensitive information from Taiwanese individuals and groups critical of the Chinese government or advocating for Taiwanese independence [4].
Steps to Secure Yourself
To defend against these cyber threats, users should:
- Download Apps from Verified Sources: Only install apps from trusted stores like Google Play or Apple App Store, avoiding any unverified or questionable sources [4].
- Monitor App Permissions: Regularly check the permissions granted to apps on your device, closely examining any that seem unnecessary or suspicious [4].
- Report Suspicious Activities: Be cautious of unexpected emails, messages, or links. Report any strange communications that may distribute malware [4].
- Avoid Unfamiliar Links: Refrain from clicking on links you don't recognize or that lead to untrusted websites or apps [4].
Using antivirus software, ensuring your devices and software are up-to-date, and staying informed about the latest cyber threats can further enhance your digital security.
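One way to carry out the permission review described above across many apps at once, as an added example that is not part of the original article: it flags apps that were not installed by a trusted store and that hold several of the capabilities the article lists (location, messages, photos, microphone, camera). The input is a constructed, simplified excerpt modeled on `adb shell dumpsys package` output; the package names, the trusted-installer list and the threshold of three capabilities are assumptions.

```python
import re

# Permissions matching the data the article says these families collect:
# location, messages, photos, microphone, camera.
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.READ_SMS": "messages",
    "android.permission.READ_EXTERNAL_STORAGE": "photos/files",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.CAMERA": "camera",
}
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; an assumed allowlist

# Constructed sample with hypothetical package names (not real device data).
SAMPLE = """\
Package [com.example.dictionary] (a1b2c3):
  installerPackageName=null
  runtime permissions:
    android.permission.ACCESS_FINE_LOCATION: granted=true
    android.permission.READ_SMS: granted=true
    android.permission.RECORD_AUDIO: granted=true
    android.permission.CAMERA: granted=false
Package [com.example.maps] (d4e5f6):
  installerPackageName=com.android.vending
  runtime permissions:
    android.permission.ACCESS_FINE_LOCATION: granted=true
"""

def audit(dump, min_hits=3):
    """Return {package: sorted capabilities} for sideloaded apps holding
    at least min_hits distinct granted sensitive capabilities."""
    apps, current = {}, None
    for line in dump.splitlines():
        line = line.strip()
        if m := re.match(r"Package \[([\w.]+)\]", line):
            current = apps.setdefault(m.group(1), {"installer": None, "caps": set()})
        elif current is None:
            continue
        elif m := re.match(r"installerPackageName=(\S+)", line):
            current["installer"] = None if m.group(1) == "null" else m.group(1)
        elif m := re.match(r"(android\.permission\.\w+): granted=true", line):
            if m.group(1) in SENSITIVE:
                current["caps"].add(SENSITIVE[m.group(1)])
    return {pkg: sorted(a["caps"]) for pkg, a in apps.items()
            if a["installer"] not in TRUSTED_INSTALLERS and len(a["caps"]) >= min_hits}

if __name__ == "__main__":
    for pkg, caps in audit(SAMPLE).items():
        print(f"REVIEW {pkg}: sideloaded, holds {', '.join(caps)}")
```

The installer check is only one signal: the article notes that Badbazaar has also been distributed through official app stores, so store-installed apps with an unusually broad permission set still warrant a manual look.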
The Chinese government publishes a China Travel Safety Handbook annually, providing warnings for Taiwanese traveling to China, Hong Kong, or Macau. This guide advises travelers to back up, delete, or encrypt their personal data, avoid sensitive topics, and avoid using or downloading Chinese apps [6][7]. Failure to heed these warnings may result in detainment, questioning, or imprisonment for some travelers [8]. Additionally, those visiting China must bring a death certificate for the remains of loved ones who passed away in the country and follow customs procedures for cremated remains and bodies in coffins [8].
Taiwanese travelers involved in sensitive matters must obtain prior permission before visiting China, as Beijing has enacted strong measures against pro-Taiwanese independence supporters [9]. As a precaution, Taiwan has raised its travel advisory for China to 'orange,' indicating that all non-essential travel should be avoided [9].
- Hackers, in collaboration with Chinese state-owned software developers, are using advanced cyber-attacks against the Taiwanese, including malicious software known as 'Badbazaar' and 'Moonshine'.
- 'Moonshine' spyware, specific to Android devices, spreads through popular messaging apps like Telegram and WhatsApp.
- To protect against these cyber threats, users are advised to download apps from verified sources, monitor app permissions, report suspicious activities, and avoid unfamiliar links.
- China's annual China Travel Safety Handbook warns Taiwanese travelers to be cautious with personal data when visiting China, Macau, or Hong Kong, as they may face detainment or questioning for non-compliance.
