Summary: In March, senior members of the World Uyghur Congress were targeted by a spearphishing campaign aimed at installing malware for remote surveillance. This attack, linked to the Chinese government, involved a deceptive file disguised as a Uyghur-language word processing tool. The campaign highlights the ongoing digital repression faced by the Uyghur community, particularly through tailored methods of cyberattack.
Affected: World Uyghur Congress
Keypoints:
- Targeted a prominent organization representing Uyghur exiles, with historical ties to repression.
- Used a file made to look like a familiar open-source tool to deceive victims into downloading malware.
- Detection of the campaign was facilitated through Google threat notifications, highlighting the attackers’ tailored approach.
- The malware allowed remote access to sensitive information and could load additional malicious applications.
- Reflects a pattern of digital repression against marginalized communities by state-aligned threat actors.
Source: https://therecord.media/uyghurs-spearphishing-campaign-citizen-lab