- Uyghurs have long been an easy target in China, yet hackers are still targeting them on various levels.
- The hacker group is identified under the names “Earth Empusa”, “Evil Eye”, and “Poison Carp”.
The hackers leveraged Facebook to compromise targets in the Uyghur community. The group is known to security researchers as “Earth Empusa”, “Evil Eye” or “Poison Carp”. It has targeted around 500 people on Facebook, including individuals living in the United States, Turkey, Syria, Australia, and Canada. Using fake Facebook accounts, the hackers pretended to be activists, journalists, and other sympathetic figures in order to send their targets to compromised websites outside Facebook.
Facebook's security and cyber espionage teams started seeing the activity in 2020. They opted to disclose the threat publicly to significantly increase the impact on the hacker group, since such operations have proven sensitive to public disclosure in the past. Facebook says the social engineering efforts on its platform are only a “piece of a puzzle”, and most of the hacker group’s efforts take place elsewhere online. Those efforts concentrate on attempts to gain access to users’ devices through watering hole attacks and look-alike domains. This included a fake Android app store offering prayer apps and Uyghur-themed keyboard downloads.
Once users downloaded them, the fake apps infected their devices. The apps used two different strains of Android Trojan malware called ActionSpy and PluginPhantom. For iOS devices, the hacker group leveraged malware called Insomnia.
Hackers employ disinformation operations:
The hackers seemed to target a small number of users relative to what the company says it sees in disinformation operations. Facebook emphasized that even a small, carefully chosen group of targets can result in significant damage and impact. “You can imagine surveillance, you can imagine a range of secondary consequences,” Facebook Head of Security Policy Nathaniel Gleicher said. The Uyghurs are a predominantly Muslim ethnic minority based in China that continues to face brutal repression from the Chinese government.
Facebook did not reveal a link to the Chinese government, explaining that it defers to the broader security community to make such determinations when it lacks the technical indicators. Researchers believe that adjacent hacking campaigns are efforts by Beijing to extend and increase its surveillance of communities it already subjugates within China’s boundaries.
There are 12 million Uyghurs, who are mostly Muslims living in the north-western region of Xinjiang in China. They speak their own language, which is similar to Turkish, and they see themselves as culturally and ethnically close to Central Asian nations. The US has accused China of genocide against Uyghurs and has claimed in an international convention that China intends to destroy, in whole or in part, a national, ethnic, racial, or religious group.