The social media company said the hackers, known as Earth
Empusa or Evil Eye in the security industry, targeted activists, journalists
and dissidents who were predominantly Uighurs, a largely Muslim ethnic group
facing persecution in China.
Facebook said there were less than 500 targets, who were
largely from the Xinjiang region but were primarily living abroad in countries
including Turkey, Kazakhstan, the United States, Syria, Australia and Canada.
It said the majority of the hackers' activity occurred away
from Facebook and that they used the site to share links to malicious websites
rather than directly sharing the malware on the platform.
"This activity had the hallmarks of a well-resourced
and persistent operation, while obfuscating who's behind it," Facebook
cybersecurity investigators said in a blog post. (https://bit.ly/3lLi8wY)
Facebook said the hacking group used fake Facebook accounts
to pose as fictitious journalists, students, human rights advocates or members
of the Uighur community to build trust with their targets and trick them into
clicking malicious links that would install spying software on their devices.
It said hackers both set up malicious websites using
look-alike domains for popular Uighur and Turkish news sites and compromised
legitimate websites visited by the targets. Facebook also found websites
created by the group to mimic third-party Android app stores with Uighur-themed
apps, like a prayer app and dictionary app, containing malware.
Facebook said its investigation found two Chinese companies,
Beijing Best United Technology Co Ltd (Best Lh) and Dalian 9Rush Technology Co
Ltd (9Rush) had developed the Android tooling deployed by the group.
The Chinese Embassy in Washington did not immediately return
a message seeking comment on Facebook's report. Beijing routinely denies
allegations of cyber espionage.
Reuters was not immediately able to locate contact
information for Dalian 9Rush Technology Co Ltd. A man who answered the number
listed for Beijing Best United Technology Co Ltd hung up.
Western governments are seeking to hold Beijing accountable
for mass detentions of Muslim Uighurs in northwestern China, where the United
States says China is committing genocide.
China denies all accusations of abuse and says its camps
provide vocational training and are needed to fight extremism.
The United Nations estimates that up to 1 million people,
mainly Uighurs, have been detained in the Xinjiang camps.
Facebook said it had removed the group's accounts, which
numbered less than 100, and had blocked the sharing of the malicious domains
and was notifying people it believed were targets.
0 comments:
Post a Comment