A coalition of international government cyber security agencies have released a technical analysis and mitigations against spyware variants known as BADBAZAAR and MOONSHINE. Full advisory here – BADBAZAAR and MOONSHINE: Technical analysis and mitigations
With support from the UK Cyber League, the advisory was jointly produced by the National Cyber Security Centre (NCSC UK) and partners:
- The Australian Cyber Security Centre, part of the Australian Signals Directorate
- The Canadian Centre for Cyber Security, part of the Communications Security Establishment
- The German Federal Intelligence Service
- The German Federal Office for the Protection of the Constitution
- The New Zealand National Cyber Security Centre, part of the Government Communications Security Bureau
- The United States Federal Bureau of Investigation
- The United States National Security Agency
The advisory provides new and collated threat intelligence on two variants of spyware known as BADBAZAAR and MOONSHINE, and includes advice for app store operators, developers and social media companies to help keep their users safe.
This advisory is being published in parallel with an advisory for victims of these malware.
This document uses the NCSC glossary definition of spyware: “A type of malware that installs on a device without the user’s consent, collecting data and then sending it to a third party.”
