Tech News Hero

Amid Its Covid-19 Crisis, China Was Still Hacking Uighurs’ iPhones

by technewshero
April 23, 2020

China may have been one of the first countries to lock down over the first months of 2020, as Covid-19 began its global spread. But that didn’t stop suspected Chinese spies from carrying out a new smartphone-hacking campaign aimed at one of their favorite targets: the country’s Uighur ethnic minority.

From as early as December of last year and continuing through March, Chinese hackers used so-called “watering hole” attacks to plant malware on the iPhones of Uighurs, according to new findings from the security firm Volexity. To do so, a hacker group that Volexity calls Evil Eye compromised popular Uighur websites, including the news and education site Uyghur Academy and the Uighur Times news outlet. Visiting those sites on an iPhone would automatically infect the device with sophisticated spyware designed to gain access to its data, particularly messaging applications.

That indiscriminate web-based hacking campaign is remarkable not just because it occurred during the peak of China’s novel coronavirus crisis, but also because it began just months after Volexity and Google publicly revealed that the same Evil Eye group was hacking smartphones via those same websites, using a rare collection of previously unknown iOS software vulnerabilities—also known as zero-day vulnerabilities—that shocked the cybersecurity world. The security research group Citizen Lab found that the same zero-day vulnerabilities were also being used to target Tibetan victims, which Volexity sees as a suggestion that the hackers were likely carrying out domestic surveillance on behalf of the Chinese government. The country has faced international criticism over its treatment of both ethnic groups, with a growing focus in recent years on the reported suppression of Uighurs in the Xinjiang region of western China.

The fact that the hackers so quickly retooled and launched a new spy campaign in late 2019 and early 2020 seems to suggest just how determined China’s state-sponsored hackers are to keep tabs on Uighurs’ communications, says Volexity founder Steven Adair. “To put this many resources and effort into developing implants and exploits clearly shows that Uighurs are a high priority target,” says Adair, using the term “exploit” to refer to a hacking technique and “implant” to mean the malware it installs on a target machine. “They’re up there enough that, even in the time of coronavirus and even after this group was publicly outed and exposed, it didn’t deter them from continuing to operate.”

Last fall, Google’s Project Zero research team revealed that a group of hackers had used no fewer than 14 zero-day vulnerabilities in web-based watering hole attacks, which Volexity subsequently tied to an ongoing hacking campaign targeting Chinese Uighurs. The more recent attacks, by contrast, didn’t use any zero-day vulnerabilities, but instead targeted phones missing the most recent iOS patches previous to July of 2019, including iOS versions 12.3, 12.3.1, and 12.3.2. (In separate news, security firm ZecOps today revealed that a zero-day hacking technique had been used against iPhones in the wild, and only patched in a beta update for iOS last week. Update your iPhone to protect against both attacks.)

According to Volexity, the hackers used vulnerabilities in WebKit, which serves as the foundation of iOS browsers, to hack website visitors with malicious iframes planted on the targeted sites. Volexity’s Adair says the exploit would have been almost impossible for a user to detect, and didn’t discriminate among victims, simply infecting every visitor to compromised sites. “For someone on the phone, there’s zero indication this happened,” Adair says. “They just cast the widest net, pulled in the catch, and then went through the results.”

© 2020 Tech News Hero.
