Facebook is trying to fight back against attacks on Uyghur activists, allegedly carried out by Chinese hackers who’re wielding potent Android and iPhone malware, the social networking giant announced Wednesday.
Using Facebook, the group, previously dubbed Evil Eye, set up fake accounts posing as pro-Uyghur activists and journalists covering their cause. After creating a rapport with their targets, they then sent users links to either malicious websites that were hacked and laced with iOS malware, or to websites they’d created with domains that looked like those of popular Uyghur and Turkish news sites. But the majority of the malicious activity took place outside of Facebook, explained Nathaniel Gleicher, head of security policy at Facebook.
The attacks took place across 2019 and 2020. Targets included activists, journalists and dissidents predominantly among Uyghurs living abroad in the United States, Australia, Canada, Middle Eastern and Central Asian countries. Gleicher said the company is informing those affected. He added that this was “super targeted” espionage, with targets numbering below 500 on Facebook, and was the inverse of what the social network has seen in broad disinformation campaigns on Facebook. As an indicator of just how targeted the attacks were, the hackers’ code would only install the iPhone malware on a device when they met certain criteria, such as geolocation and language.
Some of the tainted websites contained Javascript code that resembled previously-reported exploits that had installed iOS malware known as INSOMNIA on victims’ devices. On the Android side, the hackers created rogue Android app stores where they published Uyghur-themed applications, including a prayer app. Facebook also said that it found two Chinese companies were the developers behind some of the Android malware.
Facebook hoping for deterrent
Mike Dvilyanski, Facebook’s head of cyber espionage investigations, told Forbes the malware was “fairly sophisticated,” though there was no evidence they’d used zero-days (unpatched software flaws) in recent attacks, even if they had in past attacks on iOS and Android users. The spyware was able to snoop on almost all data on a device including calls, messages, locations, photos and contacts, and it could listen through the phone by turning the microphone on.
Facebook is hopeful that in calling the hacks out, it will have an effect in deterring the hacker crew. “We did see this group react and change their intensity [when past research on their activities were released] and know they’re sensitive to these disclosures,” said Dvilyanski.
The same hackers were spotted by Google researchers in 2019, also targeting iPhone and Android users from the ethnic Muslim population of China’s far-western province Xinjiang. Western governments including the United States have levelled sanctions against Chinese officials and companies involved in the alleged detention of up to a million Uyghurs, and other Muslim minorities, in a vast network of forced labor and ‘re-education’ camps. DJI, the Chinese drone giant, was the latest to have been caught up in the sanctions, as the Commerce Department banned American companies exporting any tech to the company.
"Android" - Google News
March 25, 2021 at 01:00AM
https://ift.tt/3vVx3cO
Chinese Hackers Used Facebook To Target Uyghurs With Powerful iPhone And Android Spyware - Forbes
"Android" - Google News
https://ift.tt/336ZsND
https://ift.tt/2KSW0PQ
Bagikan Berita Ini
0 Response to "Chinese Hackers Used Facebook To Target Uyghurs With Powerful iPhone And Android Spyware - Forbes"
Post a Comment