Facebook has taken action against Chinese hackers who were mal-utilizing the social media platform to target Uighur Muslims residing abroad.
Who are Uighurs?
Uighur Muslims are an ethnic minority group predominant in northwest China and are recognized by the Chinese government as a regional minority within a multicultural nation.
In a political move, it has long been speculated that the Chinese Government is expanding detention camps to suppress the Uighur Muslim minorities in China.
Evidence has also seemingly cropped up that showcased images of camp construction with watchtowers and barbed wires that have been set up to “re-educate” the minority, as was issued by the Chinese government.
Facebook mal-utilized by Chinese hackers:
Facebook has recently disclosed that the platform has blocked a group of Chinese hackers known as Earth Empusa or Evil Eye who were targeting and attacking Uighur Muslims living outside China.
There were reportedly less than 500 targets, who were mainly from the Xinjiang region but were primarily living abroad in countries including Turkey, Kazakhstan, the United States, Syria, Australia, and Canada.
While targeting the Uighur Muslims, Facebook noted that the Chinese threat actors carried out the majority of their mal-activities outside the social media platform.
However, while mal-utilizing Facebook, the Chinese hackers posed as fake journalists, students, human rights advocates, or members of the Uighur community to build trust with their targets and dupe them into clicking malicious links.
“This activity had the hallmarks of a well-resourced and persistent operation while obfuscating who’s behind,” the cybersecurity experts of Facebook issued in a blog post.
Large scale malicious deployments to trap Uighurs:
During the malicious activities, the threat actors had established phony websites using look-alike domains for popular Uighur and Turkish news sites and compromised legitimate websites visited by the Uighur victims.
Facebook had also discovered malicious websites deployed by the Chinese threat actors that imitated third-party Android app platforms that aimed for Uighur-themed apps, like a prayer app, containing malware.
Reportedly, investigations carried out by the social media platform disclosed that two Chinese companies, Dalian 9Rush Technology and Beijing Best United Technology had developed the Android tooling employed by the hacker group.
Facebook takes action:
Facebook said it had deleted nearly 100 of the hacker group’s accounts, and blocked the sharing of the malicious domains.
The Uighur victims who were believed to be targeted have also been notified by Facebook.