"China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users"

Researchers have found malicious Android apps for Signal and Telegram being distributed through the Google Play Store and Samsung Galaxy Store. They are designed to deliver the BadBazaar spyware on infected devices. ESET researchers attributed the campaign to GREF, an actor linked to China. Most victims have been detected in Germany, Poland, and the US, followed by Ukraine, Australia, Brazil, Denmark, Congo-Kinshasa, Hong Kong, Hungary, Lithuania, the Netherlands, Portugal, Singapore, Spain, and Yemen. BadBazaar was first identified by Lookout in November 2022 as targeting the Uyghur community in China with seemingly harmless Android and iOS apps that, once installed, harvest data, including call logs, SMS messages, locations, and more. This article continues to discuss the China-linked BadBazaar Android spyware. 

THN reports "China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users"