Facebook announces 'banished a group of Chinese hackers attacking Uighurs'

Facebook has announced that a Chinese hacker group has launched a malicious attack on a particular community on Facebook's platform. Facebook immediately deletes the account of the group that was attacking and notifies the targeted user to alert them.

Taking Action Against Hackers in China --About Facebook


China-based hackers used Facebook to target Uighurs abroad with malware | Facebook | The Guardian

According to Facebook, the target of the attack was just under 500 users from the Xinjiang Uygur Autonomous Region who lived outside China such as Turkey, Kazakhstan, the United States, and Syria. Hackers used fake Facebook accounts to masquerade as fictitious journalists, students, human rights groups, and Uighur community members to build trust with their targets and trick them into linking to malicious sites.

The link prepared by the hacker said that a domain similar to the popular Uighur and Turkish news sites was used. In addition, it seems that he used a fairly elaborate technique such as making it possible to download a prayer application and a dictionary application containing malware from a page similar to the Google Play store.

Nathaniel Gleicher, Head of Cyber Spy Activity Research and Security Policy at Facebook, announced that the series of activities is from a single organization called 'Earth Empura, ' ' Poison Carp, ' or 'Evil Eye.' In addition, Facebook announced that two Chinese companies, Beijing Best United Technology Co Ltd (Best Lh) and Dalian 9Rush Technology Co Ltd (9Rush), were developing Android tools used by a group of hackers.

Earth Empura is suspected of approaching a Tibetan-related person in a similar manner from 2018 to 2019. 'This hack is characterized by resource-rich and permanent operations, making it difficult to identify who is behind it,' Gleicher said.

The Chinese embassy in the United States did not immediately respond to requests for comments on Facebook's report. Since then, China has denied allegations that it was not associated with cyber espionage.

in Security, Posted by log1i_yk