Facebook Blocks Accounts Of Chinese Hackers Targeting Uighurs Abroad

Posted on March 25, 2021 at 7:32 PM

Facebook Blocks Accounts Of Chinese Hackers Targeting Uighurs Abroad

On Wednesday, Facebook said Chinese-based hackers used its platform to launch a hacking campaign that targeted Uyghurs speaking people abroad.

The threat actors identified, tracked, and sent malicious links to their targets using the Facebook platform.

According to the announcement, the targets also include Uyghur activists, journalists, and dissidents living in Turkey, Canada, Australia, and the U.S.

But the tech giant didn’t blame the Chinese government for the attack, since it doesn’t know who is supporting the hacking activities. “We can see geographic attribution based on the activity, but we can’t actually prove who’s behind the operation,” Facebook stated.

But Facebook acknowledged that the threat actors share similar operational methods with the hacking group cited by cybersecurity firm Volexity in 2019, which has links with the Chinese government.

Hackers utilized highly sophisticated techniques

A published data revealed that the hackers have taken serious steps to spy on Uyghur-speaking Chinese in diasporas.

They utilized highly sophisticated techniques will unknown tools to plant malicious codes on several Uyghur news sites to give them access to spy and hack any mobile device that visits the sites, which are mostly visited by Uyghurs.

Facebook said the threat actors, who are called Evil eye or Earth Empusa in the cybersecurity space, had less than 500 targets, the majority of whom were from the Xinjiang region.

The social media giant said most of the activities of the hackers are not on Facebook, but they still use the portal when sending links to malicious sites.

But the hacking syndicate used fake Facebook accounts to deceive their targets as human rights activists. Students, and journalists who have the interest of the Uyghur people. They do this to develop trust with their targets and deceive them into clicking the malicious links.

Facebook has removed the group’s account

Facebook also noted that the accounts of the hacking group have been removed from the platform. It has also blocked any links that share the malicious domain in a bid to stop the spread of the hacking activity. Facebook has also gone a step further to notify users who it believes are targets of such hacking activity

Facebook also revealed that the group used malicious websites with similar domains as popular Turkish and Uyghur news sites. They also designed the malicious sites to look exactly like the legitimate ones to succeed in luring their victims. The group also created sites that mimic Android app stores with Uighur-themed apps, such as dictionary app or prayer apps containing malware.

Two Chinese firms manufactured the hackers’ tools

The investigation by Facebook shows that two Chinese firms – Dalian 9Rush Technology and Beijing Best United Technology – developed the android tools used by the hackers in the attack.

Bt it’s still not clear evidence that the Chinese government is linked to the attack, Facebook stated.

Beijing has always denied reports with China-based hackers or elsewhere. When mails were sent to the Chinese embassy in Washington, it declined to comment about the hacking incidents.

The U.S describes Chinese handling of Uyghur as homicidal

Efforts to reach both Chinese companies called out for the manufacture of the hacking tools have not been successful. When Dalian 9Rush Technology was contacted, the recipient at the other side hung up.

Western governments are increasingly taking a critical look over China’s handling of the minority Uyghur-speaking Chinese citizens. The Chinese government has previously been accused of mass detentions of Muslim Uyghurs in north-western China. The U.S has even described China’s actions against the Uyghurs as homicidal.

But China has always stated that it has not been involved in any false treatments of the minority tribe. It says the activities on the Uyghurs are necessary to fight extremism, as it camps only provides vocational training to the people.

The UN recently reported that about 1 million people, who are predominantly Uyghurs, have been detained in the Xinjiang camps.

Summary
Facebook Blocks Accounts Of Chinese Hackers Targeting Uighurs Abroad
Article Name
Facebook Blocks Accounts Of Chinese Hackers Targeting Uighurs Abroad
Description
On Wednesday, Facebook said Chinese-based hackers used its platform to launch a hacking campaign that targeted Uyghurs speaking people abroad.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Koddos

Newsletter

Get the latest stories straight
into your inbox!

Popular Articles

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Aug 28, 2023
1.2 million customers of Mom’s Meals were affected after the recent data breach
Aug 28, 2023
How VPNs Can Defend Against the Threat of Hacking
Aug 23, 2023
Terra Developers Shut Down Website Amid A Phishing Campaign

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading