Researchers have uncovered targeted attacks against Tibetan and Uyghur activists that targets Android users.

According to a blog post by Kaspersky Lab, after the email account of a high-profile Tibetan activist was compromised, miscreants utilized it to launch spear phishing attacks that include an APK attachment, a malicious program for Android users.

Once installed, the program covertly communicates that a device is infected to a command-and-control server and later siphons data from the device that includes contacts, call logs, SMS messages, as well as the location.

According to researchers, this may be the first in a “new wave” of attacks targeting Android users. Experts suggest to avoid clicking on any APK attachments in emails via mobile phones.