Posted on September 5, 2019 at 5:45 PM
Hacking activity may be at an all-time high, and it becomes even more prominent and newsworthy when there is speculation about links to government authorities. In this case, cybercriminals associated with the current Chinese administration reportedly compromised web pages frequently visited by Uyghurs earlier in 2019.
The Uyghurs are a known ethnic minority that lives mostly in northwestern areas of the People’s Republic of China, mainly in the Xinjiang autonomous region. They are Muslim, and the total population is over 20 million.
The hackers who compromised these sites programmed them to install monitoring software to spy on the phones of users who opened them in their browsers, according to information provided by researchers.
Infecting Devices Indiscriminately
Some of the compromised sites, then, gained the capability to infect Android and iPhone devices, according to sources familiar with the matter who preferred to stay anonymous and spoke to CNN. It wasn’t specified, though, whether the pages could hack both Android and iOS devices simultaneously.
Cyberespionage campaigns can become dirty and dangerous and can be extremely powerful, as evidenced by these findings. When they target a specific group, governments usually don’t care about compromising a whole category of web pages to hack the mobile devices of all people who dare to open them.
And, to add more spice to the report, Adam Segal, the director of the Digital and Cyberspace Policy program at the Council on Foreign Relations, stated that the attack could be repurposed with ease to target other vulnerable groups of interest for the Chinese government, such as Hong Kong protesters.
They Could Do the Same to Target Hong Kong Protesters
Segal told the news network that they are all outwardly facing pages, and it should be expected that they would be able to do the same to people protesting in Hong Kong, Taiwanese parties, or any other category that they may want to target.
The international community has long condemned China for its treatment of the Uyghur ethnic group. The authorities have used intense surveillance techniques for a long time.
Specialists and researchers at Volexity, a known cybersecurity firm, have tracked the way Chinese authorities spy on Uyghurs. The company released a report at the beginning of the week that shows the way some websites are tailor-made for Uyghur visitors.
Once they visit the page, their mobile devices running the previously mentioned operating systems will be hacked. The technique is known as a “watering hole” attack: cybercriminals compromise entire sites that their targets are likely to open instead of looking for victims individually.
Hundreds of thousands of Uyghur Muslims have been held in detention “reeducation” camps by Chinese authorities in the province of Xinjiang. They are also among the most harassed, spied-on, and surveilled groups in the world, and the areas where they live have security cameras and facial recognition software.
Some of the compromised web pages are the most frequently visited Uyghur news sites and some websites for learning and education purposes, such as the online Uyghur Academy. According to Volexity CEO Steven Adair, the Chinese government picked a very good set of pages, because if one were to look for Uyghur news, nearly all of them are compromised.
A Similar Attack on iPhones Was Recently Unveiled
Volexity is always on the lookout for groundbreaking but mysterious discoveries. For example, Google’s Project Zero (also known for its research, but with a focus on security vulnerabilities) revealed unprecedented findings.
The research team found that any person who visited a specific group of sites from iPhones (typically seen as extremely secure, unlike Android) would suffer a watering hole attack, in the form of a monitoring implant being installed on the device. Apple has patched the vulnerability, however.
The Internet’s biggest company, Google, did not say who was affected. However, a source familiar with the matter confirmed that at least a percentage of the URLs that Volexity found targeting Uyghur Android users also tried to attack iPhones.