Facebook removes accounts of ‘China-based hackers’ targeting Uighurs

Facebook has removed a group of China-based hackers it says targeted members of the Uighur community living abroad.

It said hackers used malicious websites and apps to infect devices and allow for remote surveillance, with journalists and activists targeted.

A majority of the cyber attacks didn’t happen directly on Facebook but used the social media platform to share links to infected sites.

This is not the first time hackers have been accused of such activity.

The Uighurs are originally from the north-western region of Xinjiang in China and those targeted are currently living in places including Turkey, the United States, Australia and Canada.

“This activity had the hallmarks of a well-resourced and persistent operation, while obfuscating who’s behind it,” Facebook’s Mike Dvilyanski, head of cyber espionage investigations, and Nathaniel Gleicher, head of security policy, said in a blog post.

Facebook said it removed accounts – which totalled fewer than 100 – it found to have been created by the hackers, a group known as Earth Empusa or Evil Eye.

It believes fewer than 500 accounts were targeted.

Facebook says some of the ways the group infected devices included:

creating fake Uighur-themed apps for the Android app store, including a prayer app and a dictionary app
posing on Facebook as journalists, students, human rights advocates or members of the Uighur community, building trust and tricking them into clicking on malicious links
creating look-alike websites for popular Uighur and Turkish news websites
The Chinese Embassy in Washington has yet to comment.

China is facing mounting criticism from around the world over its treatment of the mostly Muslim Uighur population in Xinjiang.

Rights groups believe China has detained more than a million Uighurs over the past few years.

China denies allegations of abuse, saying camps in the region are “re-education” facilities used to combat terrorism.

Leave a comment

Your email address will not be published. Required fields are marked *