Facebook cracks down on ‘Chinese hackers’ targeting Uighurs in exile
Hackers created fake profiles to connect with members of the Uighur community and got them to click on malicious links
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Facebook says it has identified and blocked a network of Chinese hackers on its platform which was targeting members of the Uighur community living abroad.
The company said these hackers were trying to break into the computers and smartphones of almost 500 targets, mostly journalists and activists who were Uighur Muslims, a community facing persecution in northwestern China.
In a public release, the social media giant said hackers were using its platforms for “sending links to malicious websites” and the majority of the hacking activity itself occurred away from Facebook.
The company says it has now notified the targeted accounts and blocked sharing of the malicious domain. It has also taken down almost 100 accounts that it said were found to be created by the hacker groups known as Earth Empusa or Evil Eye.
The tactics used by the hackers included creating fake profiles posing as Uighur Muslims to connect with prominent personalities of the community living abroad and build trust over time. They also impersonated news websites using look-alike domains for popular Uighur and Turkish news sites and used fake third-party Android app stores with Uighur themes to get users to click on malicious links.
Read more:
"This activity had the hallmarks of a well-resourced and persistent operation while obfuscating who’s behind it," Facebook cybersecurity investigators said in a blog post.
Facebook said there were less than 500 targets, who were largely from the Xinjiang region but were primarily living abroad in countries including Turkey, Kazakhstan, the United States, Syria, Australia and Canada.
It said the majority of the hackers’ activity occurred away from Facebook and that they used the site to share links to malicious websites rather than directly sharing the malware on the platform.
Facebook’s investigation found two Chinese companies, Beijing Best United Technology Co Ltd (Best Lh) and Dalian 9Rush Technology Co Ltd (9Rush) had developed the Android tooling deployed by the group.
There has been no official response from China yet on the allegations, however this isn't the first time Chinese hackers have been accused of such activities.
The international community has accused China of sustained human rights violations against its Uighur community, with the UN saying more than one million have been detained in Xinjiang. China, which initially denied the existence of the detention camps, has since said they are voluntary vocational training facilities as part of a broader deradicalisation effort.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments