Skip to content

ASD Publishes Joint Advisory on new Malicious Cyber Actors and Guidance - 20250410001

Overview

The Australian Signals Directorate (ASD) have published a joint advisory reporting the growing threat that malicious cyber actors pose to individuals connected to topics including Taiwan, Tibet, Xinjiang Uyghur Autonomous Region, democracy movements and the Falun Gong.

This advisory includes two case studies detailing techniques used by malicious cyber actors using spyware known as BADBAZAAR and MOONSHINE to target data on mobile devices including smartphones that could be of interest to the Chinese state. It also signposts to guidance to help individuals protect themselves, their devices and their data.

What has been observed?

There has been an observation of BADBAZAAR and MOONSHINE specifically targeting individuals connected to topics considered by the Chinese state to be a threat to their domestic authority, ambitions and global reputation. Those most at risk include, but are not limited to, anyone connected to:

  • Taiwanese independence
  • Tibetan rights
  • Uyghur Muslims and other ethnic minorities in or from China’s Xinjiang Uyghur Autonomous Region
  • democracy advocacy (including Hong Kong);
  • the Falun Gong spiritual movement

This includes non-governmental organisations (NGOs), journalists, businesses and individuals who advocate for, identify with, or otherwise represent these groups. The indiscriminate way this spyware is spread online also means there is a risk that infections could spread beyond intended victims.

Recommendation

The WA SOC recommends administrators perform the following: