Surveillance campaign targeting Uyghur Muslims affected not just iOS, but Android too


The malware campaign targeting the Uyghur Muslim minority in China’s autonomous region of Xinjiang may have been more extensive than previously thought.

According to a new report published by Washington, DC-based cybersecurity firm Volexity, the community has been on the receiving end of a large-scale surveillance operation via “strategically compromised websites” and mobile devices running not just iOS, but also Android.

This indicates that the campaign targeting Uyghurs was far broader in scope than Google initially disclosed.

“The systematic targeting and compromise websites that are run by and cater to Uyghurs make it clear they are the primary targets,” the report said. “However, each of the compromised websites are banned by the Great Firewall in China, leaving largely only those outside of the country as targets and potential victims.”

The ongoing campaigns against Uyghurs have been traced back to at least two Chinese threat groups — Evil Eye, and an unnamed actor — per Volexity, based on the modus operandi of delivering malicious code using compromised websites.

Over the weekend, multiple reports from TechCrunch and Forbes found that Chinese advanced persistent threat (APT) groups were using a number of previously undisclosed flaws in iOS (since patched) to lure Uyghur Muslims to malicious sites that installed spyware on the devices.

The development followed an earlier analysis by Google’s Project Zero security team last week, which uncovered a group of malicious websites that were used as a watering hole to attract and infect iPhone users by penetrating iOS’s digital protections.
