
Cyber Espionage, Confucius targets Pakistan via Android spyware

Lookout: Confucius targets Pakistan via Android spyware. The pro-India APT is using two malware strains, Hornbill and SunBird, delivered as fake apps, to spy on the competitor

The pro-India Confucius hackers are spying on the Pakistani military via Android spyware. The campaign was discovered by Lookout cybersecurity experts. The APT is using two malware strains, Hornbill and SunBird, delivered as fake Android apps (APKs). Targets include personnel linked to Islamabad’s military, nuclear authorities, and Indian election officials in Kashmir. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS, encrypted messaging app content, and geolocation, among other types of sensitive information. Moreover, the majority of the applications appear to target Muslim individuals. SunBird features remote access trojan (RAT) functionality, meaning it can execute commands on an infected device as directed by an attacker. Hornbill is a discreet surveillance tool used to extract a selected set of data of interest to its operator.
