If you are attending the hack.lu conference this week, be sure to see @r00tbsd's talk on Weds, Oct 18 @ 9:30AM. He will be presenting an update on the ongoing campaigns targeting CCP adversaries by the threat actor @volexity tracks as #EvilBamboo.
See the full schedule for Wednesday here: https://hack.lu/agenda/#2023-10-18
EvilBamboo has exploited zero-day vulnerabilities, such as the one in the WebKit browser engine of the Apple mobile operating system, to deliver spyware strains like Insomnia.
#Uyghurs #Cybersecurity #Tibetans #Android #Taiwanese #Spyware #EvilBamboo
I hope everyone is enjoying their weekend!
The Volexity researchers have been tracking the APT known as #EvilBamboo for over 5 years. Recently they have been targeting #Android devices and creating fake websites and social media profiles to help deploy the browser-based exploits. They have been using three different Android spyware that have been dubbed #BadBazaar, #BadSignal, and #BadSolar. This is an extremely informative and enjoyable article that covers a lot of technical details! Enjoy and Happy Hunting!
EvilBamboo Targets Mobile Devices in Multi-year Campaign
https://www.volexity.com/blog/2023/09/22/evilbamboo-targets-mobile-devices-in-multi-year-campaign/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
Volexity has identified several long-running and currently active campaigns undertaken by the threat actor Volexity tracks as EvilBamboo (formerly named Evil Eye) targeting Tibetan, Uyghur, and Taiwanese individuals and organizations. These targets represent three of the Five Poisonous Groups of Chinese Communist Party (CCP).
Volexity 
Freemind
Just Another Blue Teamer