#EvilBamboo

Volexity :verified: volexity@infosec.exchange
2023-10-17

If you are attending the hack.lu conference this week, be sure to see @r00tbsd's talk on Weds, Oct 18 @ 9:30AM. He will be presenting an update on the ongoing campaigns targeting CCP adversaries by the threat actor @volexity tracks as #EvilBamboo.

See the full schedule for Wednesday here: hack.lu/agenda/#2023-10-18

#threatintel #dfir

🛡 H3lium@infosec.exchange/:~# :blinking_cursor: H3liumb0y@infosec.exchange
2023-09-26

"🎯 #EvilBamboo Unleashed: A Multi-Year Assault on Mobile Devices 📱"

In a recent exposé, Volexity delves into the menacing operations of EvilBamboo, a nefarious entity targeting mobile devices in a multi-year campaign. The meticulous analysis sheds light on their modus operandi, unveiling a grim reality for mobile security. 🛡️

Volexity has spotted ongoing malicious campaigns by a group they call EvilBamboo, targeting folks from Tibet, Uyghur, and Taiwan. These groups are on China's naughty list, known as the Five Poisonous Groups. EvilBamboo has been on the radar for over five years, pulling off new stunts now and then. They've made nasty software for Android and iOS, tricking people into downloading malware through fake websites and social media. They even sneaked malicious apps into Apple's App Store. Volexity is pretty sure that EvilBamboo is playing dirty games for the Chinese government, sharing their findings in a recent conference and reports.

Source: Volexity Blog

Tags: #CyberSecurity #MobileSecurity #APT #EvilBamboo #CyberThreats #InfoSec

2023-09-25

EvilBamboo has exploited zero-day vulnerabilities, such as the one in the WebKit browser engine of the Apple mobile operating system, to deliver spyware strains like Insomnia.

#Uyghurs #Cybersecurity #Tibetans #Android #Taiwanese #Spyware #EvilBamboo

cybersec84.wordpress.com/2023/

Just Another Blue Teamer LeeArchinal@ioc.exchange
2023-09-24

I hope everyone is enjoying their weekend!

The Volexity researchers have been tracking the APT known as #EvilBamboo for over 5 years. Recently they have been targeting #Android devices and creating fake websites and social media profiles to help deploy the browser-based exploits. They have been using three different Android spyware that have been dubbed #BadBazaar, #BadSignal, and #BadSolar. This is an extremely informative and enjoyable article that covers a lot of technical details! Enjoy and Happy Hunting!

EvilBamboo Targets Mobile Devices in Multi-year Campaign
volexity.com/blog/2023/09/22/e

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Figure 12. Summary of some of the links discovered in Volexity’s EvilBamboo research (From source)
