Chinese Hackers Used Facebook To Target Uighurs Abroad, Company Says
Chinese Hackers: Facebook has said it blocked a group of Chinese hackers that used the platform to target Uyghur activists living abroad and compromise their security by using surveillance software.
Elizabeth Culliford and Raphael Satter:
Facebook stated on Wednesday it had blocked a bunch of hackers in China who used the platform to goal Uighurs dwelling overseas with hyperlinks to malware that may
infect their units and allow surveillance.
The social media firm stated the hackers, generally known as Earth Evil Eye within the safety business, focused activists, journalists, and dissidents who
had been predominantly Uighurs, a largely Muslim ethnic group dealing with persecution in China.
Facebook stated there have been lower than 500 targets, who had been largely from the Xinjiang area however had been primarily dwelling overseas in international
locations together with Turkey, Kazakhstan, the United States, Syria, Australia, and Canada.
1. Facebook, Google CEOs Suggest Ways to Reform Key Internet Law.
It stated nearly all of the hackers’ exercise occurred away from Facebook and that they used the positioning to share hyperlinks to malicious web sites somewhat than
straight sharing the malware on the platform.
“This activity had the hallmarks of a well-resourced and persistent operation, while obfuscating who’s behind it,” Facebook cyber-security investigators stated in a
blog post.
Facebook stated the hacking group used faux Facebook accounts to pose as fictitious journalists, college students, human rights advocates or members of the Uighur
group to construct belief with their targets and trick them into clicking malicious hyperlinks.
2. Mark Zuckerberg May Not Attend Facebook’s F8 Annual Conference This Year.
It stated hackers each arrange malicious web sites utilizing look-alike domains for standard Uighur and Turkish information websites and compromised respectable web sites visited by the targets.
Facebook additionally discovered web sites created by the group to mimic third-party Android app shops with Uighur-themed apps, like a
prayer app and dictionary app, containing malware.
Facebook stated its investigation discovered two Chinese corporations, Beijing Best United Technology and Dalian 9Rush Technology had developed the Android tooling
deployed by the group.
The Chinese Embassy in Washington didn’t instantly return a message looking for touch upon Facebook’s report. Beijing routinely denies allegations of cyber espionage.
Reuters was not instantly in a position to find contact info for Dalian 9Rush Technology. A person who answered the quantity listed for Beijing Best United Technology
hung up.
Facebook stated it had eliminated the group’s accounts, which numbered lower than 100, and had blocked the sharing of the malicious domains and was notifying
individuals it believed had been targets.
What did the hackers do?
Facebook said the hackers set up websites using lookalike domains of popular Uyghur news sites to trick targets into clicking on links that were booby-trapped with
malware.
“This group used various cyberespionage tactics to identify its targets and infect their devices with malware to enable surveillance,” Facebook’s cyberespionage unit
said in a blog post.
The group also created websites to impersonate app stores offering Uyghur-themed apps that contained malware.
Facebook said it was used to share links to malicious websites, and the malware was not shared directly on the platform.
Also read: North Korean Hacking Group Grows Into Global Threat
Who were the hackers?
Facebook’s investigation said the hackers are known as “Earth Empusa” or “Evil Eye” in the cybersecurity industry.
“This activity had the hallmarks of a well-resourced and persistent operation while obfuscating who’s behind it,” the blog post said.
The investigation did not find any direct links between the hackers and the Chinese government.
Two Chinese companies, Beijing Best United Technology Co Ltd and Dalian 9Rush Technology Co Ltd were found by Facebook to have developed the Android apps deployed by
the hacking group.