Close Menu
National Security News
  • Ukraine War
  • Russia
  • Terrorism
  • China
  • Iran
  • Africa
  • Tech
    • Space
    • Nuclear
    • Cyber
  • Investigations

Trending

Iran asks Houthis to prepare Red Sea disruption if US strikes power infrastructure, sources say

July 16, 2026

Iran warns of ‘proportional response’ as US expands military strikes

July 15, 2026

Axiom Space strengthens leadership as it pushes towards commercial space station era

July 15, 2026

Funding British defence transformation

July 14, 2026
Facebook X (Twitter) Instagram
National Security News
Subscribe
X (Twitter)
Login
IPSO Trusted Journalism in National Security
  • Ukraine War
  • Russia
  • Terrorism
  • China
  • Iran
  • Africa
  • Tech
    • Space
    • Nuclear
    • Cyber
  • Investigations
National Security News
  • Ukraine War
  • Russia
  • Terrorism
  • China
  • Iran
  • Africa
  • Tech
Home»China
China

Spyware able to access phone audio and cameras for data ‘of use to China’, NCSC warns

Staff WriterBy Staff WriterMay 15, 20253 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email

Listen to the article

0:00
0:00

Key Takeaways

🌐 Translate Article

Translating...

📖 Read Along

💬 AI Assistant

🤖
Hi! I'm here to help you understand this article. Ask me anything about the content!
NovaSouth HQ of the National Cyber Security Centre in London. (Source – NCSC)

Security agencies in the UK and allied countries have warned members of the Uyghur, Tibetan and Taiwanese communities that they may be targeted by newly discovered variants of spyware.

The UK’s National Cyber Security Centre (NCSC) has joined its counterparts in the US, Australia, Canada, Germany and New Zealand in raising the alarm over the Trojanised malware, which it says is hidden in legitimate-looking mobile apps such as TibetOne.

The two variants, dubbed Moonshine and BadBazaar, are designed to covertly access device microphones, cameras, messages, photos and real-time location data, according to the NCSC.

The agency warned that potential targets include individuals connected to: Taiwanese independence; Tibetan rights; Uyghur Muslims and other ethnic minorities in China’s Xinjiang Autonomous Region; pro-democracy advocates, including those from Hong Kong; and the Falun Gong spiritual movement.

Intelligence sources said the evidence appeared to suggest the Chinese state as the likely aggressor.

“We are seeing a rise in digital threats designed to silence, monitor and intimidate communities across borders, and the use of these two forms of spyware is clearly unacceptable,” said NCSC Director of Operations, Paul Chichester.

“The NCSC urges people at higher risk to exercise heightened vigilance and follow our practical advice outlined in the advisory to help keep their devices and data safe.”

TibetOne was reportedly an iOS app uploaded to Apple’s App Store in December 2021, but it is no longer available. It contained the BadBazaar spyware, which was used to target Uyghur, Tibetan and Taiwanese individuals.

A separate app, which translates to Audio Quran.apk, is an Android app with a Uyghur-language title. These apps are often promoted on online forums frequented by targets, the NCSC said. However, spyware has also been discovered in apps spoofing legitimate brands such as WhatsApp.

The NCSC and its international partners have published a technical analysis of the spyware, along with guidance for app store operators, developers and social media companies.

GCHQ Cheltenham. (Source – GCHQ)

Their joint statement reads: “Although BADBAZAAR and MOONSHINE have been observed targeting Uyghur, Tibetan and Taiwanese individuals, other malware variants also target minority groups in China. Citizens from co-signing nations, both within China and abroad, who are perceived to be supporting causes that threaten regime stability, are almost certainly under threat from mobile malware such as BADBAZAAR and MOONSHINE.”

“The capability to capture location, audio and photo data almost certainly provides the opportunity to inform future surveillance and harassment operations by offering real-time information on the target’s activity.”

Follow on Google News Follow on X (Twitter)
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Staff Writer

Keep Reading

Funding British defence transformation

Britain bans support for Iran’s Islamic Revolutionary Guard Corps

The Government’s Defence Investment Plan finally published

UK, France and Germany pledge more Ukraine support as Kyiv claims battlefield gains

West races to loosen China’s grip on critical minerals as supply fears mount

Britain to create joint naval force with nine European countries as ‘complement’ to Nato

Editor's Picks

Iran warns of ‘proportional response’ as US expands military strikes

July 15, 2026

Axiom Space strengthens leadership as it pushes towards commercial space station era

July 15, 2026

Funding British defence transformation

July 14, 2026

War returns to the Gulf after the US launches strikes against Iranian military targets

July 13, 2026

Trending

Funding British defence transformation

United Kingdom July 14, 2026

War returns to the Gulf after the US launches strikes against Iranian military targets

United States July 13, 2026

Britain bans support for Iran’s Islamic Revolutionary Guard Corps

United Kingdom July 13, 2026
Facebook X (Twitter) TikTok Instagram LinkedIn
© 2026 National Security News. All Rights Reserved.
  • About us
  • Privacy Policy
  • Terms
  • Contact
Home Topics Podcast NSN Lists

Type above and press Enter to search. Press Esc to cancel.

Sign In or Register

Welcome Back!

Login to your account below.

Lost password?