Hacking sending spyware by exploiting vulnerability of iOSAndroid was discovered, the possibility of Chinese government behind crime group
A team of Canadian cybersecurity researchers reported finding hacking campaigns targeting the Tibetan government and parliament . This campaign used a privilege escalation vulnerability on iOS and Android devices and Facebook's messenger app “
Missing Link: Tibetan Groups Targeted with 1-Click Mobile Exploits-The Citizen Lab
1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
According to Citizen Lab, a computer science and ethics researcher at the University of Toronto, the hacking group sent a malicious link via WhatsApp and had spyware installed on iOS and Android devices. Citizen Lab names this hacking group “ Poison Carp ”.
The hacking campaign was confirmed between November 2018 and May 2019, and the victims of the Tibetans who were victims were malicious from people who named NGO workers and journalists while exchanging messages on WhatsApp I received a link.
Spyware is installed on the victim's smartphone that has stepped on the link, and attackers can attack as follows.
• Full control of the victim's device.
・ Extract mail, contacts, call records, location information, etc.
• Access the device's camera and microphone.
・ Extract personal data from SNS such as Gmail, Twitter, WhatsApp.
・ Download and install other malicious plug-ins.
Poison Carp's victims included individuals in senior positions such as the Central Tibetan Administration, the Tibetan Parliament, the Tibetan Buddhist leader
by Artemas Liu
The hacking campaign by Poison Carp is “the first case of a smartphone vulnerability being reported by a hack targeting a Tibetan group,” the researcher said. The same technical features were seen in the two hacking campaigns that were reported in the past. Since these two hacking campaigns targeted the Uyghur community, researchers have suggested that 'the Chinese government may support Poison Carp'.
In August 2019, after releasing information on the hacking campaign targeting the iPhone, Apple acknowledged that the hacking campaign was targeting the Uyghur community, a statement that the vulnerability in the issue was corrected in February 2019 Announced.
Researchers said, “Because both iOS and Android vulnerabilities exploited in the campaign have already been fixed, it is strongly recommended that you always keep your mobile device up to date to avoid being a victim of these attacks. '