Facebook announced on Wednesday that it had blocked a group of Chinese hackers who were using the platform to send malware to Uighurs living overseas, infecting their devices and allowing surveillance.
The hackers, known in the security industry as Earth Empusa or Evil Eye, targeted activists, journalists, and dissidents, mostly Uighurs, a predominantly Muslim ethnic group persecuted in China, according to the social media firm.
According to Facebook, there were less than 500 targets, most of whom were from Xinjiang but mostly lived overseas in Turkey, Kazakhstan, the United States, Syria, Australia, and Canada.
According to the report, the majority of the hackers’ activity took place outside of Facebook, and they used the platform to share links to malicious websites rather than directly share malware.
“This activity had the hallmarks of a well-resourced and persistent operation, while obfuscating who’s behind it,” Facebook cyber-security investigators said in a blog post.
More Information By Facebook About Hackers:
The group of hackers used fake Facebook accounts to impersonate fictional journalists, students, human rights activists, or members of the Uighur community in order to gain trust and trick their victims into clicking malicious links, according to the company.
According to the report, hackers set up malicious websites using look-alike domains for popular Uighur and Turkish news sites, as well as compromised legitimate websites that the targets visited. The company also discovered malware on websites created by the group to look like third-party Android app stores, including a prayer app and a dictionary app.
According to Facebook, the Android equipment used by the group was designed by two Chinese firms, Beijing Best United Technology and Dalian 9Rush Technology.
A message requesting comment on Facebook’s report was not immediately returned by the Chinese Embassy in Washington. Beijing consistently refutes claims of cyber spying.
Dalian 9Rush Technology’s contact information was not immediately available to Reuters. Beijing Best United Technology’s phone number was answered by a man who hung up.
Facebook said it had taken down the group’s accounts, which counted less than 100, as well as banned the sharing of harmful domains and notified people it thought were targets.
These days, every other platforms is facing these issues where these types of malicious elements are attacking the accounts of innocent users by sending virus-containing links that destroys the system, directly or indirectly. It is highly recommended by us to NOT click any link if the sender is not trusted.