The application was exploited by at least three state-sponsored Chinese threat groups last month.