Facebook Used by Chinese Hackers to Target Uighurs Abroad With Malware Links, Company Says

Facebook said there were less than 500 targets who were primarily living abroad in countries such as Australia, Canada, and the US.

Facebook Used by Chinese Hackers to Target Uighurs Abroad With Malware Links, Company Says

Facebook said investigation found two Chinese companies had developed Android tooling deployed by group

Highlights
  • The majority of the hackers' activity occurred away from Facebook
  • Hackers set up websites using look-alike domains for Uighur news sites
  • Facebook had removed the group's accounts, numbered less than 100
Advertisement

Facebook said on Wednesday it had blocked a group of hackers in China who used the platform to target Uighurs living abroad with links to malware that would infect their devices and enable surveillance.

The social media company said the hackers, known as Earth Empusa or Evil Eye in the security industry, targeted activists, journalists, and dissidents who were predominantly Uighurs, a largely Muslim ethnic group facing persecution in China.

Facebook said there were less than 500 targets, who were largely from the Xinjiang region but were primarily living abroad in countries including Turkey, Kazakhstan, the United States, Syria, Australia, and Canada.

It said the majority of the hackers' activity occurred away from Facebook and that they used the site to share links to malicious websites rather than directly sharing the malware on the platform.

"This activity had the hallmarks of a well-resourced and persistent operation, while obfuscating who's behind it," Facebook cyber-security investigators said in a blog post.

Facebook said the hacking group used fake Facebook accounts to pose as fictitious journalists, students, human rights advocates or members of the Uighur community to build trust with their targets and trick them into clicking malicious links.

It said hackers both set up malicious websites using look-alike domains for popular Uighur and Turkish news sites and compromised legitimate websites visited by the targets. Facebook also found websites created by the group to mimic third-party Android app stores with Uighur-themed apps, like a prayer app and dictionary app, containing malware.

Facebook said its investigation found two Chinese companies, Beijing Best United Technology and Dalian 9Rush Technology had developed the Android tooling deployed by the group.

The Chinese Embassy in Washington did not immediately return a message seeking comment on Facebook's report. Beijing routinely denies allegations of cyber espionage.

Reuters was not immediately able to locate contact information for Dalian 9Rush Technology. A man who answered the number listed for Beijing Best United Technology hung up.

Facebook said it had removed the group's accounts, which numbered less than 100, and had blocked the sharing of the malicious domains and was notifying people it believed were targets.

© Thomson Reuters 2021
 


Some important changes are taking place with Orbital podcast. We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Facebook, Uighurs
PUBG Mobile Reports 1 Billion Accumulated Downloads Outside China Since 2018 Launch
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »