[ad_1]
TechCrunch has learned that a number of malicious websites used for two years to hack iPhones targeted Uyghur Muslims.
Sources close to the case said the sites were part of a state-backed attack – probably China – aimed at targeting the Uyghur community in Xinjiang state.
This is part of the Chinese government's latest efforts to suppress the minority Muslim community in recent history. According to a UN human rights committee, Beijing has arrested more than one million Uyghurs in internment camps over the past year.
Google Security researchers have recently discovered and leaked malicious websites this week, but until now, they did not know who they were targeting.
The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a web page trapped. By gaining unlimited access to iPhone software, an attacker could read a victim's messages and passwords and track their location in near real-time.
Apple Fixed vulnerabilities in February in iOS 12.1.4, a few days after Google revealed the vulnerabilities. The news of the hacking campaign was revealed for the first time this week.
These websites have "thousands of visitors" a week for at least two years, Google said. It's not immediately clear if the same websites were used to target Android users.
The victims were led to open a link that, once opened, would load one of the malicious websites used to infect the victim. This is a common tactic to target phone owners with spyware.
One of the sources told TechCrunch that the websites also infected non-Uighurs who inadvertently accessed these domains because they were indexed in Google Search.
A spokesman for Google would not comment beyond the published research. An FBI spokesman said that they could neither confirm nor deny any investigation, and that he did not comment further.
Google has been criticized following its bomb report for failing to publish the websites used during the attacks. The researchers said the attacks were "indiscriminate attacks of water points" without "any target discrimination," noting that anyone visiting the site would see his iPhone hacked.
But society would not say who was behind the attacks.
Apple did not comment. An email requesting comments to the Chinese Consulate in New York was not returned.
[ad_2]
Source link