Summary: A spear phishing campaign targeting Uyghur exiled representatives has been uncovered by Citizen Lab researchers, focusing on senior members of the World Uyghur Congress (WUC). The attackers used a trojanized version of a Uyghur language tool to deploy remote surveillance malware, indicating a high level of social engineering and a potential affiliation with the Chinese government. This campaign highlights ongoing cyber threats faced by Uyghur communities abroad and the need for better protective measures against such transnational repression.
Affected: World Uyghur Congress (WUC)
Keypoints :
- Cyberattacks targeted senior WUC members with spear phishing emails that impersonated trusted contacts.
- The delivery mechanism involved a trojanized Uyghur language text editor, revealing a deep understanding of the community.
- Researchers concluded that the campaign aligns with Chinese state interests, calling for better protective measures for exiled communities against cyber threats.
Source: https://www.infosecurity-magazine.com/news/uyghur-diaspora-surveillance/