China hacked Uyghur Muslim phones to install spyware

  • 5 years ago
XINJIANG, CHINA — A new report has uncovered mass digital surveillance of Uyghurs, a Muslim minority ethnic group in China.

A report by Volexity has found that hackers affiliated with the Chinese government are carrying out cyber attacks on Uyghurs by targeting the websites they visit. It identified at least 11 websites related to Uyghurs and East Turkestan that had been jeopardized and used for surveillance.

These websites are blocked in China and may be used to surveil the Uyghur diaspora outside of China, according to Volexity. These contain malicious code that installs spyware on users' phones when they visit the sites.

The hackers were also observed targeting personal Gmail accounts by tricking users into authorizing access, thereby gaining access to the user's emails.

The report confirmed that the malware targeted Android users but said that these same tactics could be used against Apple and Microsoft phone users.

Research by Google's Project Zero, which uncovered a hacking operation that targets iPhone users that visit certain websites, found that the operation was aimed at the Muslim Uyghurs and non-Uyghurs, TechCrunch reports, citing sources familiar with the matter.

Google did not name the websites or who the hackers targeted. A spokesperson from Google told TechCrunch they would not comment beyond Project Zero's published research.

A source familiar with Google's research confirmed to CNN that some of the websites that Volexity found coincided with some of the website that Project Zero found.

This led some to question why Google would publish research against its competitor but fail to disclose the same about its Android devices.

Project Zero leader Tim Willis denied all this on Twitter and said that Google had found the vulnerabilities in January, while Volexity had found vulnerabilities in Android devices later in the year.