The Canadian Centre for Cyber Security (Cyber Centre) has joined the United Kingdom's National Cyber Security Centre (NCSC-UK), and the following international partners in releasing 2 cyber security guidance publications on BADBAZAAR and MOONSHINE:
- Australian Signals Directorate's (ASD) Australian Cyber Security Centre (ACSC)
- Germany's Federal Intelligence Service (BND)
- Germany’s Federal Office for the Protection of the Constitution (BfV)
- New Zealand's National Cyber Security Centre (NCSC-NZ)
- United States’ Federal Bureau of Investigation (FBI)
- United States' National Security Agency (NSA)
The joint guidance provides new information and mitigation measures for those at high risk from 2 spyware variants: BADBAZAAR and MOONSHINE.
BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors
This publication raises awareness of the threat that malicious cyber actors pose to individuals connected to topics the People's Republic of China (PRC) considers to be a threat to its domestic authority, ambitions and global reputation, including:
- Taiwan
- Tibet
- Xinjiang Uyghur autonomous region
- democracy movements
- Falun Gong
The publication includes 2 case studies that detail the techniques employed by malicious cyber actors using BADBAZAAR and MOONSHINE to target data on mobile devices. The publication's guidance also includes mitigation measures that individuals can use to help protect:
- themselves
- their devices
- their data
Read the full joint guidance BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors (PDF).
BADBAZAAR and MOONSHINE: Technical analysis and mitigations
This joint guidance provides new and collated threat intelligence on the spyware variants BADBAZAAR and MOONSHINE. It includes advice for app store operators, developers and social media companies to help keep their users safe.
Read the full joint guidance BADBAZAAR and MOONSHINE: Technical analysis and mitigations (PDF).